deps: update openssl to 1.0.1f

deps/openssl/asm/x64-elf-gas/aes/aes-x86_64.s

@@ -1335,8 +1335,8 @@ AES_cbc_encrypt:
 	jb	.Lcbc_slow_prologue
 	testq	$15,%rdx
 	jnz	.Lcbc_slow_prologue
-
+	btl	$28,%r10d
-
+	jc	.Lcbc_slow_prologue
 
 
 	leaq	-88-248(%rsp),%r15

deps/openssl/asm/x64-elf-gas/aes/bsaes-x86_64.s

@@ -365,7 +365,6 @@ _bsaes_encrypt8_bitslice:
 	pxor	%xmm11,%xmm7
 	pshufd	$78,%xmm3,%xmm1
 	pxor	%xmm12,%xmm8
-
 	pxor	%xmm10,%xmm2
 	pxor	%xmm14,%xmm6
 	pxor	%xmm13,%xmm5
@@ -798,148 +797,86 @@ _bsaes_decrypt8:
 	decl	%r10d
 	jl	.Ldec_done
 
-	pshufd	$147,%xmm4,%xmm14
+	pshufd	$78,%xmm15,%xmm7
-	movdqa	%xmm5,%xmm9
+	pshufd	$78,%xmm2,%xmm13
-	pxor	%xmm6,%xmm4
+	pxor	%xmm15,%xmm7
-	pxor	%xmm6,%xmm5
+	pshufd	$78,%xmm4,%xmm14
-	pshufd	$147,%xmm15,%xmm7
+	pxor	%xmm2,%xmm13
-	movdqa	%xmm6,%xmm12
+	pshufd	$78,%xmm0,%xmm8
-	pxor	%xmm15,%xmm6
+	pxor	%xmm4,%xmm14
-	pxor	%xmm0,%xmm15
+	pshufd	$78,%xmm5,%xmm9
-	pshufd	$147,%xmm0,%xmm8
+	pxor	%xmm0,%xmm8
-	pxor	%xmm5,%xmm0
+	pshufd	$78,%xmm3,%xmm10
-	pxor	%xmm2,%xmm15
+	pxor	%xmm5,%xmm9
-	pxor	%xmm3,%xmm0
+	pxor	%xmm13,%xmm15
-	pshufd	$147,%xmm3,%xmm10
+	pxor	%xmm13,%xmm0
-	pxor	%xmm15,%xmm5
+	pshufd	$78,%xmm1,%xmm11
-	pxor	%xmm4,%xmm3
+	pxor	%xmm3,%xmm10
-	pxor	%xmm2,%xmm4
-	pshufd	$147,%xmm2,%xmm13
-	movdqa	%xmm1,%xmm11
-	pxor	%xmm1,%xmm2
-	pxor	%xmm3,%xmm1
-	pxor	%xmm4,%xmm3
-	pxor	%xmm12,%xmm2
-	pxor	%xmm9,%xmm3
-	pxor	%xmm11,%xmm3
-	pshufd	$147,%xmm12,%xmm12
-
-	pxor	%xmm4,%xmm6
-	pxor	%xmm7,%xmm4
-	pxor	%xmm8,%xmm6
-	pshufd	$147,%xmm9,%xmm9
-	pxor	%xmm12,%xmm4
-	pxor	%xmm13,%xmm6
-	pxor	%xmm14,%xmm4
-	pshufd	$147,%xmm11,%xmm11
-	pxor	%xmm13,%xmm14
-	pxor	%xmm4,%xmm6
-
 	pxor	%xmm7,%xmm5
-	pshufd	$147,%xmm7,%xmm7
+	pxor	%xmm8,%xmm3
-	pxor	%xmm8,%xmm15
+	pshufd	$78,%xmm6,%xmm12
-	pxor	%xmm8,%xmm0
+	pxor	%xmm1,%xmm11
-	pxor	%xmm9,%xmm15
-	pshufd	$147,%xmm8,%xmm8
-	pxor	%xmm9,%xmm5
-	pxor	%xmm9,%xmm3
-	pxor	%xmm14,%xmm15
-	pshufd	$147,%xmm9,%xmm9
-	pxor	%xmm10,%xmm5
-	pxor	%xmm10,%xmm1
-	pxor	%xmm10,%xmm0
-	pshufd	$147,%xmm10,%xmm10
-	pxor	%xmm11,%xmm2
-	pxor	%xmm11,%xmm3
-	pxor	%xmm14,%xmm2
-	pxor	%xmm12,%xmm5
-	pxor	%xmm11,%xmm0
-	pxor	%xmm12,%xmm14
-
-	pxor	%xmm14,%xmm3
-	pshufd	$147,%xmm11,%xmm11
-	pxor	%xmm14,%xmm1
 	pxor	%xmm14,%xmm0
+	pxor	%xmm9,%xmm1
+	pxor	%xmm6,%xmm12
 
-	pxor	%xmm12,%xmm14
+	pxor	%xmm14,%xmm5
-	pshufd	$147,%xmm12,%xmm12
+	pxor	%xmm13,%xmm3
-	pxor	%xmm13,%xmm14
+	pxor	%xmm13,%xmm1
-
+	pxor	%xmm10,%xmm6
-
-	pxor	%xmm2,%xmm0
 	pxor	%xmm11,%xmm2
-	pshufd	$147,%xmm13,%xmm13
+	pxor	%xmm14,%xmm1
-	pxor	%xmm7,%xmm15
-	pxor	%xmm12,%xmm2
-	pxor	%xmm9,%xmm15
-	pshufd	$147,%xmm14,%xmm14
-
-	pxor	%xmm6,%xmm5
-	pxor	%xmm8,%xmm6
-	pxor	%xmm7,%xmm4
-	pxor	%xmm7,%xmm5
-	pxor	%xmm12,%xmm6
-	pxor	%xmm12,%xmm4
 	pxor	%xmm14,%xmm6
-	pshufd	$147,%xmm7,%xmm7
+	pxor	%xmm12,%xmm4
-	pxor	%xmm13,%xmm4
+	pshufd	$147,%xmm15,%xmm7
-	pxor	%xmm6,%xmm5
+	pshufd	$147,%xmm0,%xmm8
+	pxor	%xmm7,%xmm15
+	pshufd	$147,%xmm5,%xmm9
 	pxor	%xmm8,%xmm0
-	pshufd	$147,%xmm8,%xmm8
+	pshufd	$147,%xmm3,%xmm10
-
+	pxor	%xmm9,%xmm5
-	pxor	%xmm14,%xmm2
+	pshufd	$147,%xmm1,%xmm11
-	pxor	%xmm9,%xmm0
+	pxor	%xmm10,%xmm3
-	pxor	%xmm9,%xmm3
+	pshufd	$147,%xmm6,%xmm12
-	pshufd	$147,%xmm9,%xmm9
-	pxor	%xmm13,%xmm15
-	pxor	%xmm10,%xmm13
-	pxor	%xmm2,%xmm0
-	pxor	%xmm13,%xmm5
-
-	pxor	%xmm13,%xmm1
-	pxor	%xmm12,%xmm3
 	pxor	%xmm11,%xmm1
-	pshufd	$147,%xmm11,%xmm11
+	pshufd	$147,%xmm2,%xmm13
-	pxor	%xmm13,%xmm3
+	pxor	%xmm12,%xmm6
-	pxor	%xmm14,%xmm1
+	pshufd	$147,%xmm4,%xmm14
-	pxor	%xmm10,%xmm13
+	pxor	%xmm13,%xmm2
-
+	pxor	%xmm14,%xmm4
-	pshufd	$147,%xmm12,%xmm12
-	pshufd	$147,%xmm13,%xmm13
-	pshufd	$147,%xmm14,%xmm14
-	pshufd	$147,%xmm10,%xmm10
-
 
-	pxor	%xmm6,%xmm0
+	pxor	%xmm15,%xmm8
-	pxor	%xmm6,%xmm8
-	pxor	%xmm12,%xmm7
-	pxor	%xmm12,%xmm8
-	pxor	%xmm7,%xmm5
 	pxor	%xmm4,%xmm7
-	pxor	%xmm13,%xmm8
+	pxor	%xmm4,%xmm8
-	pxor	%xmm14,%xmm13
+	pshufd	$78,%xmm15,%xmm15
+	pxor	%xmm0,%xmm9
+	pshufd	$78,%xmm0,%xmm0
+	pxor	%xmm1,%xmm12
+	pxor	%xmm7,%xmm15
+	pxor	%xmm6,%xmm13
 	pxor	%xmm8,%xmm0
-	pxor	%xmm11,%xmm2
+	pxor	%xmm3,%xmm11
-	pxor	%xmm0,%xmm11
+	pshufd	$78,%xmm1,%xmm7
-	pxor	%xmm10,%xmm1
-	pxor	%xmm5,%xmm10
-	pxor	%xmm9,%xmm3
-	pxor	%xmm15,%xmm9
-	pxor	%xmm14,%xmm10
-	pxor	%xmm3,%xmm12
-	pxor	%xmm13,%xmm9
-	pxor	%xmm13,%xmm12
-	pxor	%xmm1,%xmm13
 	pxor	%xmm2,%xmm14
-
+	pshufd	$78,%xmm6,%xmm8
-	movdqa	%xmm7,%xmm15
+	pxor	%xmm5,%xmm10
-	movdqa	%xmm8,%xmm0
+	pshufd	$78,%xmm3,%xmm1
-	movdqa	%xmm9,%xmm1
+	pxor	%xmm4,%xmm10
-	movdqa	%xmm10,%xmm2
+	pshufd	$78,%xmm4,%xmm6
-	movdqa	%xmm11,%xmm3
+	pxor	%xmm4,%xmm11
-	movdqa	%xmm12,%xmm4
+	pshufd	$78,%xmm2,%xmm3
+	pxor	%xmm11,%xmm7
+	pshufd	$78,%xmm5,%xmm2
+	pxor	%xmm12,%xmm8
+	pxor	%xmm1,%xmm10
+	pxor	%xmm14,%xmm6
+	pxor	%xmm3,%xmm13
+	movdqa	%xmm7,%xmm3
+	pxor	%xmm9,%xmm2
 	movdqa	%xmm13,%xmm5
-	movdqa	%xmm14,%xmm6
+	movdqa	%xmm8,%xmm4
+	movdqa	%xmm2,%xmm1
+	movdqa	%xmm10,%xmm2
 	movdqa	-16(%r11),%xmm7
 	jnz	.Ldec_loop
 	movdqa	-32(%r11),%xmm7

deps/openssl/asm/x64-macosx-gas/aes/aes-x86_64.s

@@ -1335,8 +1335,8 @@ L$cbc_picked_te:
 	jb	L$cbc_slow_prologue
 	testq	$15,%rdx
 	jnz	L$cbc_slow_prologue
-
+	btl	$28,%r10d
-
+	jc	L$cbc_slow_prologue
 
 
 	leaq	-88-248(%rsp),%r15

deps/openssl/asm/x64-macosx-gas/aes/bsaes-x86_64.s

@@ -365,7 +365,6 @@ L$enc_sbox:
 	pxor	%xmm11,%xmm7
 	pshufd	$78,%xmm3,%xmm1
 	pxor	%xmm12,%xmm8
-
 	pxor	%xmm10,%xmm2
 	pxor	%xmm14,%xmm6
 	pxor	%xmm13,%xmm5
@@ -798,148 +797,86 @@ L$dec_sbox:
 	decl	%r10d
 	jl	L$dec_done
 
-	pshufd	$147,%xmm4,%xmm14
+	pshufd	$78,%xmm15,%xmm7
-	movdqa	%xmm5,%xmm9
+	pshufd	$78,%xmm2,%xmm13
-	pxor	%xmm6,%xmm4
+	pxor	%xmm15,%xmm7
-	pxor	%xmm6,%xmm5
+	pshufd	$78,%xmm4,%xmm14
-	pshufd	$147,%xmm15,%xmm7
+	pxor	%xmm2,%xmm13
-	movdqa	%xmm6,%xmm12
+	pshufd	$78,%xmm0,%xmm8
-	pxor	%xmm15,%xmm6
+	pxor	%xmm4,%xmm14
-	pxor	%xmm0,%xmm15
+	pshufd	$78,%xmm5,%xmm9
-	pshufd	$147,%xmm0,%xmm8
+	pxor	%xmm0,%xmm8
-	pxor	%xmm5,%xmm0
+	pshufd	$78,%xmm3,%xmm10
-	pxor	%xmm2,%xmm15
+	pxor	%xmm5,%xmm9
-	pxor	%xmm3,%xmm0
+	pxor	%xmm13,%xmm15
-	pshufd	$147,%xmm3,%xmm10
+	pxor	%xmm13,%xmm0
-	pxor	%xmm15,%xmm5
+	pshufd	$78,%xmm1,%xmm11
-	pxor	%xmm4,%xmm3
+	pxor	%xmm3,%xmm10
-	pxor	%xmm2,%xmm4
-	pshufd	$147,%xmm2,%xmm13
-	movdqa	%xmm1,%xmm11
-	pxor	%xmm1,%xmm2
-	pxor	%xmm3,%xmm1
-	pxor	%xmm4,%xmm3
-	pxor	%xmm12,%xmm2
-	pxor	%xmm9,%xmm3
-	pxor	%xmm11,%xmm3
-	pshufd	$147,%xmm12,%xmm12
-
-	pxor	%xmm4,%xmm6
-	pxor	%xmm7,%xmm4
-	pxor	%xmm8,%xmm6
-	pshufd	$147,%xmm9,%xmm9
-	pxor	%xmm12,%xmm4
-	pxor	%xmm13,%xmm6
-	pxor	%xmm14,%xmm4
-	pshufd	$147,%xmm11,%xmm11
-	pxor	%xmm13,%xmm14
-	pxor	%xmm4,%xmm6
-
 	pxor	%xmm7,%xmm5
-	pshufd	$147,%xmm7,%xmm7
+	pxor	%xmm8,%xmm3
-	pxor	%xmm8,%xmm15
+	pshufd	$78,%xmm6,%xmm12
-	pxor	%xmm8,%xmm0
+	pxor	%xmm1,%xmm11
-	pxor	%xmm9,%xmm15
-	pshufd	$147,%xmm8,%xmm8
-	pxor	%xmm9,%xmm5
-	pxor	%xmm9,%xmm3
-	pxor	%xmm14,%xmm15
-	pshufd	$147,%xmm9,%xmm9
-	pxor	%xmm10,%xmm5
-	pxor	%xmm10,%xmm1
-	pxor	%xmm10,%xmm0
-	pshufd	$147,%xmm10,%xmm10
-	pxor	%xmm11,%xmm2
-	pxor	%xmm11,%xmm3
-	pxor	%xmm14,%xmm2
-	pxor	%xmm12,%xmm5
-	pxor	%xmm11,%xmm0
-	pxor	%xmm12,%xmm14
-
-	pxor	%xmm14,%xmm3
-	pshufd	$147,%xmm11,%xmm11
-	pxor	%xmm14,%xmm1
 	pxor	%xmm14,%xmm0
+	pxor	%xmm9,%xmm1
+	pxor	%xmm6,%xmm12
 
-	pxor	%xmm12,%xmm14
+	pxor	%xmm14,%xmm5
-	pshufd	$147,%xmm12,%xmm12
+	pxor	%xmm13,%xmm3
-	pxor	%xmm13,%xmm14
+	pxor	%xmm13,%xmm1
-
+	pxor	%xmm10,%xmm6
-
-	pxor	%xmm2,%xmm0
 	pxor	%xmm11,%xmm2
-	pshufd	$147,%xmm13,%xmm13
+	pxor	%xmm14,%xmm1
-	pxor	%xmm7,%xmm15
-	pxor	%xmm12,%xmm2
-	pxor	%xmm9,%xmm15
-	pshufd	$147,%xmm14,%xmm14
-
-	pxor	%xmm6,%xmm5
-	pxor	%xmm8,%xmm6
-	pxor	%xmm7,%xmm4
-	pxor	%xmm7,%xmm5
-	pxor	%xmm12,%xmm6
-	pxor	%xmm12,%xmm4
 	pxor	%xmm14,%xmm6
-	pshufd	$147,%xmm7,%xmm7
+	pxor	%xmm12,%xmm4
-	pxor	%xmm13,%xmm4
+	pshufd	$147,%xmm15,%xmm7
-	pxor	%xmm6,%xmm5
+	pshufd	$147,%xmm0,%xmm8
+	pxor	%xmm7,%xmm15
+	pshufd	$147,%xmm5,%xmm9
 	pxor	%xmm8,%xmm0
-	pshufd	$147,%xmm8,%xmm8
+	pshufd	$147,%xmm3,%xmm10
-
+	pxor	%xmm9,%xmm5
-	pxor	%xmm14,%xmm2
+	pshufd	$147,%xmm1,%xmm11
-	pxor	%xmm9,%xmm0
+	pxor	%xmm10,%xmm3
-	pxor	%xmm9,%xmm3
+	pshufd	$147,%xmm6,%xmm12
-	pshufd	$147,%xmm9,%xmm9
-	pxor	%xmm13,%xmm15
-	pxor	%xmm10,%xmm13
-	pxor	%xmm2,%xmm0
-	pxor	%xmm13,%xmm5
-
-	pxor	%xmm13,%xmm1
-	pxor	%xmm12,%xmm3
 	pxor	%xmm11,%xmm1
-	pshufd	$147,%xmm11,%xmm11
+	pshufd	$147,%xmm2,%xmm13
-	pxor	%xmm13,%xmm3
+	pxor	%xmm12,%xmm6
-	pxor	%xmm14,%xmm1
+	pshufd	$147,%xmm4,%xmm14
-	pxor	%xmm10,%xmm13
+	pxor	%xmm13,%xmm2
-
+	pxor	%xmm14,%xmm4
-	pshufd	$147,%xmm12,%xmm12
-	pshufd	$147,%xmm13,%xmm13
-	pshufd	$147,%xmm14,%xmm14
-	pshufd	$147,%xmm10,%xmm10
-
 
-	pxor	%xmm6,%xmm0
+	pxor	%xmm15,%xmm8
-	pxor	%xmm6,%xmm8
-	pxor	%xmm12,%xmm7
-	pxor	%xmm12,%xmm8
-	pxor	%xmm7,%xmm5
 	pxor	%xmm4,%xmm7
-	pxor	%xmm13,%xmm8
+	pxor	%xmm4,%xmm8
-	pxor	%xmm14,%xmm13
+	pshufd	$78,%xmm15,%xmm15
+	pxor	%xmm0,%xmm9
+	pshufd	$78,%xmm0,%xmm0
+	pxor	%xmm1,%xmm12
+	pxor	%xmm7,%xmm15
+	pxor	%xmm6,%xmm13
 	pxor	%xmm8,%xmm0
-	pxor	%xmm11,%xmm2
+	pxor	%xmm3,%xmm11
-	pxor	%xmm0,%xmm11
+	pshufd	$78,%xmm1,%xmm7
-	pxor	%xmm10,%xmm1
-	pxor	%xmm5,%xmm10
-	pxor	%xmm9,%xmm3
-	pxor	%xmm15,%xmm9
-	pxor	%xmm14,%xmm10
-	pxor	%xmm3,%xmm12
-	pxor	%xmm13,%xmm9
-	pxor	%xmm13,%xmm12
-	pxor	%xmm1,%xmm13
 	pxor	%xmm2,%xmm14
-
+	pshufd	$78,%xmm6,%xmm8
-	movdqa	%xmm7,%xmm15
+	pxor	%xmm5,%xmm10
-	movdqa	%xmm8,%xmm0
+	pshufd	$78,%xmm3,%xmm1
-	movdqa	%xmm9,%xmm1
+	pxor	%xmm4,%xmm10
-	movdqa	%xmm10,%xmm2
+	pshufd	$78,%xmm4,%xmm6
-	movdqa	%xmm11,%xmm3
+	pxor	%xmm4,%xmm11
-	movdqa	%xmm12,%xmm4
+	pshufd	$78,%xmm2,%xmm3
+	pxor	%xmm11,%xmm7
+	pshufd	$78,%xmm5,%xmm2
+	pxor	%xmm12,%xmm8
+	pxor	%xmm1,%xmm10
+	pxor	%xmm14,%xmm6
+	pxor	%xmm3,%xmm13
+	movdqa	%xmm7,%xmm3
+	pxor	%xmm9,%xmm2
 	movdqa	%xmm13,%xmm5
-	movdqa	%xmm14,%xmm6
+	movdqa	%xmm8,%xmm4
+	movdqa	%xmm2,%xmm1
+	movdqa	%xmm10,%xmm2
 	movdqa	-16(%r11),%xmm7
 	jnz	L$dec_loop
 	movdqa	-32(%r11),%xmm7

deps/openssl/asm/x64-win32-masm/aes/aes-x86_64.asm

@@ -1395,8 +1395,8 @@ $L$cbc_picked_te::
 	jb	$L$cbc_slow_prologue
 	test	rdx,15
 	jnz	$L$cbc_slow_prologue
-
+	bt	r10d,28
-
+	jc	$L$cbc_slow_prologue
 
 
 	lea	r15,QWORD PTR[((-88-248))+rsp]

deps/openssl/asm/x64-win32-masm/aes/bsaes-x86_64.asm

@@ -365,7 +365,6 @@ $L$enc_sbox::
 	pxor	xmm7,xmm11
 	pshufd	xmm1,xmm3,04Eh
 	pxor	xmm8,xmm12
-
 	pxor	xmm2,xmm10
 	pxor	xmm6,xmm14
 	pxor	xmm5,xmm13
@@ -798,148 +797,86 @@ $L$dec_sbox::
 	dec	r10d
 	jl	$L$dec_done
 
-	pshufd	xmm14,xmm4,093h
+	pshufd	xmm7,xmm15,04Eh
-	movdqa	xmm9,xmm5
+	pshufd	xmm13,xmm2,04Eh
-	pxor	xmm4,xmm6
+	pxor	xmm7,xmm15
-	pxor	xmm5,xmm6
+	pshufd	xmm14,xmm4,04Eh
-	pshufd	xmm7,xmm15,093h
+	pxor	xmm13,xmm2
-	movdqa	xmm12,xmm6
+	pshufd	xmm8,xmm0,04Eh
-	pxor	xmm6,xmm15
+	pxor	xmm14,xmm4
-	pxor	xmm15,xmm0
+	pshufd	xmm9,xmm5,04Eh
-	pshufd	xmm8,xmm0,093h
+	pxor	xmm8,xmm0
-	pxor	xmm0,xmm5
+	pshufd	xmm10,xmm3,04Eh
-	pxor	xmm15,xmm2
+	pxor	xmm9,xmm5
-	pxor	xmm0,xmm3
+	pxor	xmm15,xmm13
-	pshufd	xmm10,xmm3,093h
+	pxor	xmm0,xmm13
-	pxor	xmm5,xmm15
+	pshufd	xmm11,xmm1,04Eh
-	pxor	xmm3,xmm4
+	pxor	xmm10,xmm3
-	pxor	xmm4,xmm2
-	pshufd	xmm13,xmm2,093h
-	movdqa	xmm11,xmm1
-	pxor	xmm2,xmm1
-	pxor	xmm1,xmm3
-	pxor	xmm3,xmm4
-	pxor	xmm2,xmm12
-	pxor	xmm3,xmm9
-	pxor	xmm3,xmm11
-	pshufd	xmm12,xmm12,093h
-
-	pxor	xmm6,xmm4
-	pxor	xmm4,xmm7
-	pxor	xmm6,xmm8
-	pshufd	xmm9,xmm9,093h
-	pxor	xmm4,xmm12
-	pxor	xmm6,xmm13
-	pxor	xmm4,xmm14
-	pshufd	xmm11,xmm11,093h
-	pxor	xmm14,xmm13
-	pxor	xmm6,xmm4
-
 	pxor	xmm5,xmm7
-	pshufd	xmm7,xmm7,093h
+	pxor	xmm3,xmm8
-	pxor	xmm15,xmm8
+	pshufd	xmm12,xmm6,04Eh
-	pxor	xmm0,xmm8
+	pxor	xmm11,xmm1
-	pxor	xmm15,xmm9
-	pshufd	xmm8,xmm8,093h
-	pxor	xmm5,xmm9
-	pxor	xmm3,xmm9
-	pxor	xmm15,xmm14
-	pshufd	xmm9,xmm9,093h
-	pxor	xmm5,xmm10
-	pxor	xmm1,xmm10
-	pxor	xmm0,xmm10
-	pshufd	xmm10,xmm10,093h
-	pxor	xmm2,xmm11
-	pxor	xmm3,xmm11
-	pxor	xmm2,xmm14
-	pxor	xmm5,xmm12
-	pxor	xmm0,xmm11
-	pxor	xmm14,xmm12
-
-	pxor	xmm3,xmm14
-	pshufd	xmm11,xmm11,093h
-	pxor	xmm1,xmm14
 	pxor	xmm0,xmm14
+	pxor	xmm1,xmm9
+	pxor	xmm12,xmm6
 
-	pxor	xmm14,xmm12
+	pxor	xmm5,xmm14
-	pshufd	xmm12,xmm12,093h
+	pxor	xmm3,xmm13
-	pxor	xmm14,xmm13
+	pxor	xmm1,xmm13
-
+	pxor	xmm6,xmm10
-
-	pxor	xmm0,xmm2
 	pxor	xmm2,xmm11
-	pshufd	xmm13,xmm13,093h
+	pxor	xmm1,xmm14
-	pxor	xmm15,xmm7
-	pxor	xmm2,xmm12
-	pxor	xmm15,xmm9
-	pshufd	xmm14,xmm14,093h
-
-	pxor	xmm5,xmm6
-	pxor	xmm6,xmm8
-	pxor	xmm4,xmm7
-	pxor	xmm5,xmm7
-	pxor	xmm6,xmm12
-	pxor	xmm4,xmm12
 	pxor	xmm6,xmm14
-	pshufd	xmm7,xmm7,093h
+	pxor	xmm4,xmm12
-	pxor	xmm4,xmm13
+	pshufd	xmm7,xmm15,093h
-	pxor	xmm5,xmm6
+	pshufd	xmm8,xmm0,093h
+	pxor	xmm15,xmm7
+	pshufd	xmm9,xmm5,093h
 	pxor	xmm0,xmm8
-	pshufd	xmm8,xmm8,093h
+	pshufd	xmm10,xmm3,093h
-
+	pxor	xmm5,xmm9
-	pxor	xmm2,xmm14
+	pshufd	xmm11,xmm1,093h
-	pxor	xmm0,xmm9
+	pxor	xmm3,xmm10
-	pxor	xmm3,xmm9
+	pshufd	xmm12,xmm6,093h
-	pshufd	xmm9,xmm9,093h
-	pxor	xmm15,xmm13
-	pxor	xmm13,xmm10
-	pxor	xmm0,xmm2
-	pxor	xmm5,xmm13
-
-	pxor	xmm1,xmm13
-	pxor	xmm3,xmm12
 	pxor	xmm1,xmm11
-	pshufd	xmm11,xmm11,093h
+	pshufd	xmm13,xmm2,093h
-	pxor	xmm3,xmm13
+	pxor	xmm6,xmm12
-	pxor	xmm1,xmm14
+	pshufd	xmm14,xmm4,093h
-	pxor	xmm13,xmm10
+	pxor	xmm2,xmm13
-
+	pxor	xmm4,xmm14
-	pshufd	xmm12,xmm12,093h
-	pshufd	xmm13,xmm13,093h
-	pshufd	xmm14,xmm14,093h
-	pshufd	xmm10,xmm10,093h
-
 
-	pxor	xmm0,xmm6
+	pxor	xmm8,xmm15
-	pxor	xmm8,xmm6
-	pxor	xmm7,xmm12
-	pxor	xmm8,xmm12
-	pxor	xmm5,xmm7
 	pxor	xmm7,xmm4
-	pxor	xmm8,xmm13
+	pxor	xmm8,xmm4
-	pxor	xmm13,xmm14
+	pshufd	xmm15,xmm15,04Eh
+	pxor	xmm9,xmm0
+	pshufd	xmm0,xmm0,04Eh
+	pxor	xmm12,xmm1
+	pxor	xmm15,xmm7
+	pxor	xmm13,xmm6
 	pxor	xmm0,xmm8
-	pxor	xmm2,xmm11
+	pxor	xmm11,xmm3
-	pxor	xmm11,xmm0
+	pshufd	xmm7,xmm1,04Eh
-	pxor	xmm1,xmm10
-	pxor	xmm10,xmm5
-	pxor	xmm3,xmm9
-	pxor	xmm9,xmm15
-	pxor	xmm10,xmm14
-	pxor	xmm12,xmm3
-	pxor	xmm9,xmm13
-	pxor	xmm12,xmm13
-	pxor	xmm13,xmm1
 	pxor	xmm14,xmm2
-
+	pshufd	xmm8,xmm6,04Eh
-	movdqa	xmm15,xmm7
+	pxor	xmm10,xmm5
-	movdqa	xmm0,xmm8
+	pshufd	xmm1,xmm3,04Eh
-	movdqa	xmm1,xmm9
+	pxor	xmm10,xmm4
-	movdqa	xmm2,xmm10
+	pshufd	xmm6,xmm4,04Eh
-	movdqa	xmm3,xmm11
+	pxor	xmm11,xmm4
-	movdqa	xmm4,xmm12
+	pshufd	xmm3,xmm2,04Eh
+	pxor	xmm7,xmm11
+	pshufd	xmm2,xmm5,04Eh
+	pxor	xmm8,xmm12
+	pxor	xmm10,xmm1
+	pxor	xmm6,xmm14
+	pxor	xmm13,xmm3
+	movdqa	xmm3,xmm7
+	pxor	xmm2,xmm9
 	movdqa	xmm5,xmm13
-	movdqa	xmm6,xmm14
+	movdqa	xmm4,xmm8
+	movdqa	xmm1,xmm2
+	movdqa	xmm2,xmm10
 	movdqa	xmm7,XMMWORD PTR[((-16))+r11]
 	jnz	$L$dec_loop
 	movdqa	xmm7,XMMWORD PTR[((-32))+r11]
@@ -1640,7 +1577,7 @@ $L$xts_enc_prologue::
 	push	r15
 	lea	rsp,QWORD PTR[((-72))+rsp]
 	mov	r10,QWORD PTR[160+rsp]
-	mov	r11d,DWORD PTR[168+rsp]
+	mov	r11,QWORD PTR[168+rsp]
 	lea	rsp,QWORD PTR[((-160))+rsp]
 	movaps	XMMWORD PTR[64+rsp],xmm6
 	movaps	XMMWORD PTR[80+rsp],xmm7
@@ -2120,7 +2057,7 @@ $L$xts_dec_prologue::
 	push	r15
 	lea	rsp,QWORD PTR[((-72))+rsp]
 	mov	r10,QWORD PTR[160+rsp]
-	mov	r11d,DWORD PTR[168+rsp]
+	mov	r11,QWORD PTR[168+rsp]
 	lea	rsp,QWORD PTR[((-160))+rsp]
 	movaps	XMMWORD PTR[64+rsp],xmm6
 	movaps	XMMWORD PTR[80+rsp],xmm7

deps/openssl/asm/x64-win32-masm/bn/x86_64-mont5.asm

@@ -827,8 +827,8 @@ $L$gather::
 	lea	rcx,QWORD PTR[8+rcx]
 	sub	rdx,1
 	jnz	$L$gather
-	movaps	XMMWORD PTR[rsp],xmm6
+	movaps	xmm6,XMMWORD PTR[rsp]
-	movaps	XMMWORD PTR[16+rsp],xmm7
+	movaps	xmm7,XMMWORD PTR[16+rsp]
 	lea	rsp,QWORD PTR[40+rsp]
 	DB	0F3h,0C3h		;repret
 $L$SEH_end_bn_gather5::

deps/openssl/asm/x86-elf-gas/aes/aes-586.s

@@ -2252,6 +2252,8 @@ AES_cbc_encrypt:
 	jb	.L015slow_way
 	testl	$15,%ecx
 	jnz	.L015slow_way
+	btl	$28,(%eax)
+	jc	.L015slow_way
 	leal	-324(%esp),%esi
 	andl	$-64,%esi
 	movl	%ebp,%eax

deps/openssl/asm/x86-elf-gas/x86cpuid.s

@@ -61,6 +61,7 @@ OPENSSL_ia32_cpuid:
 	movzbl	%cl,%esi
 	incl	%esi
 	movl	$1,%eax
+	xorl	%ecx,%ecx
 	.byte	0x0f,0xa2
 	btl	$28,%edx
 	jnc	.L002generic
@@ -82,6 +83,7 @@ OPENSSL_ia32_cpuid:
 	andl	$4095,%edi
 .L003nocacheinfo:
 	movl	$1,%eax
+	xorl	%ecx,%ecx
 	.byte	0x0f,0xa2
 	andl	$3220176895,%edx
 	cmpl	$0,%ebp

deps/openssl/asm/x86-macosx-gas/aes/aes-586.s

@@ -2219,6 +2219,8 @@ L014picked_te:
 	jb	L015slow_way
 	testl	$15,%ecx
 	jnz	L015slow_way
+	btl	$28,(%eax)
+	jc	L015slow_way
 	leal	-324(%esp),%esi
 	andl	$-64,%esi
 	movl	%ebp,%eax

deps/openssl/asm/x86-macosx-gas/x86cpuid.s

@@ -60,6 +60,7 @@ L_OPENSSL_ia32_cpuid_begin:
 	movzbl	%cl,%esi
 	incl	%esi
 	movl	$1,%eax
+	xorl	%ecx,%ecx
 	.byte	0x0f,0xa2
 	btl	$28,%edx
 	jnc	L002generic
@@ -81,6 +82,7 @@ L001intel:
 	andl	$4095,%edi
 L003nocacheinfo:
 	movl	$1,%eax
+	xorl	%ecx,%ecx
 	.byte	0x0f,0xa2
 	andl	$3220176895,%edx
 	cmpl	$0,%ebp

deps/openssl/asm/x86-win32-masm/aes/aes-586.asm

@@ -2241,6 +2241,8 @@ $L014picked_te:
 	jb	$L015slow_way
 	test	ecx,15
 	jnz	$L015slow_way
+	bt	DWORD PTR [eax],28
+	jc	$L015slow_way
 	lea	esi,DWORD PTR [esp-324]
 	and	esi,-64
 	mov	eax,ebp

deps/openssl/asm/x86-win32-masm/bf/bf-686.asm

@@ -2,7 +2,7 @@ TITLE	bf-686.asm
 IF @Version LT 800
 ECHO MASM version 8.00 or later is strongly recommended.
 ENDIF
-.686
+.486
 .MODEL	FLAT
 OPTION	DOTNAME
 IF @Version LT 800

deps/openssl/asm/x86-win32-masm/bn/x86-mont.asm

@@ -2,7 +2,7 @@ TITLE	../openssl/crypto/bn/asm/x86-mont.asm
 IF @Version LT 800
 ECHO MASM version 8.00 or later is strongly recommended.
 ENDIF
-.686
+.486
 .MODEL	FLAT
 OPTION	DOTNAME
 IF @Version LT 800

deps/openssl/asm/x86-win32-masm/bn/x86.asm

@@ -2,7 +2,7 @@ TITLE	../openssl/crypto/bn/asm/x86.asm
 IF @Version LT 800
 ECHO MASM version 8.00 or later is strongly recommended.
 ENDIF
-.686
+.486
 .MODEL	FLAT
 OPTION	DOTNAME
 IF @Version LT 800

deps/openssl/asm/x86-win32-masm/camellia/cmll-x86.asm

@@ -2,7 +2,7 @@ TITLE	cmll-586.asm
 IF @Version LT 800
 ECHO MASM version 8.00 or later is strongly recommended.
 ENDIF
-.686
+.486
 .MODEL	FLAT
 OPTION	DOTNAME
 IF @Version LT 800

deps/openssl/asm/x86-win32-masm/cast/cast-586.asm

@@ -2,7 +2,7 @@ TITLE	cast-586.asm
 IF @Version LT 800
 ECHO MASM version 8.00 or later is strongly recommended.
 ENDIF
-.686
+.486
 .MODEL	FLAT
 OPTION	DOTNAME
 IF @Version LT 800

deps/openssl/asm/x86-win32-masm/des/crypt586.asm

@@ -2,7 +2,7 @@ TITLE	crypt586.asm
 IF @Version LT 800
 ECHO MASM version 8.00 or later is strongly recommended.
 ENDIF
-.686
+.486
 .MODEL	FLAT
 OPTION	DOTNAME
 IF @Version LT 800

deps/openssl/asm/x86-win32-masm/des/des-586.asm

@@ -2,7 +2,7 @@ TITLE	des-586.asm
 IF @Version LT 800
 ECHO MASM version 8.00 or later is strongly recommended.
 ENDIF
-.686
+.486
 .MODEL	FLAT
 OPTION	DOTNAME
 IF @Version LT 800

deps/openssl/asm/x86-win32-masm/md5/md5-586.asm

@@ -2,7 +2,7 @@ TITLE	../openssl/crypto/md5/asm/md5-586.asm
 IF @Version LT 800
 ECHO MASM version 8.00 or later is strongly recommended.
 ENDIF
-.686
+.486
 .MODEL	FLAT
 OPTION	DOTNAME
 IF @Version LT 800

deps/openssl/asm/x86-win32-masm/rc5/rc5-586.asm

@@ -2,7 +2,7 @@ TITLE	rc5-586.asm
 IF @Version LT 800
 ECHO MASM version 8.00 or later is strongly recommended.
 ENDIF
-.686
+.486
 .MODEL	FLAT
 OPTION	DOTNAME
 IF @Version LT 800

deps/openssl/asm/x86-win32-masm/ripemd/rmd-586.asm

@@ -2,7 +2,7 @@ TITLE	../openssl/crypto/ripemd/asm/rmd-586.asm
 IF @Version LT 800
 ECHO MASM version 8.00 or later is strongly recommended.
 ENDIF
-.686
+.486
 .MODEL	FLAT
 OPTION	DOTNAME
 IF @Version LT 800

deps/openssl/asm/x86-win32-masm/sha/sha1-586.asm

@@ -2,7 +2,7 @@ TITLE	sha1-586.asm
 IF @Version LT 800
 ECHO MASM version 8.00 or later is strongly recommended.
 ENDIF
-.686
+.486
 .MODEL	FLAT
 OPTION	DOTNAME
 IF @Version LT 800

deps/openssl/asm/x86-win32-masm/sha/sha256-586.asm

@@ -2,7 +2,7 @@ TITLE	sha512-586.asm
 IF @Version LT 800
 ECHO MASM version 8.00 or later is strongly recommended.
 ENDIF
-.686
+.486
 .MODEL	FLAT
 OPTION	DOTNAME
 IF @Version LT 800

deps/openssl/asm/x86-win32-masm/sha/sha512-586.asm

@@ -2,7 +2,7 @@ TITLE	sha512-586.asm
 IF @Version LT 800
 ECHO MASM version 8.00 or later is strongly recommended.
 ENDIF
-.686
+.486
 .MODEL	FLAT
 OPTION	DOTNAME
 IF @Version LT 800

deps/openssl/asm/x86-win32-masm/x86cpuid.asm

@@ -2,7 +2,7 @@ TITLE	x86cpuid.asm
 IF @Version LT 800
 ECHO MASM version 8.00 or later is strongly recommended.
 ENDIF
-.686
+.486
 .MODEL	FLAT
 OPTION	DOTNAME
 IF @Version LT 800
@@ -69,6 +69,7 @@ $L_OPENSSL_ia32_cpuid_begin::
 	movzx	esi,cl
 	inc	esi
 	mov	eax,1
+	xor	ecx,ecx
 	cpuid
 	bt	edx,28
 	jnc	$L002generic
@@ -90,6 +91,7 @@ $L001intel:
 	and	edi,4095
 $L003nocacheinfo:
 	mov	eax,1
+	xor	ecx,ecx
 	cpuid
 	and	edx,3220176895
 	cmp	ebp,0

deps/openssl/openssl/CHANGES

@@ -2,9 +2,31 @@
  OpenSSL CHANGES
  _______________
 
+ Changes between 1.0.1e and 1.0.1f [6 Jan 2014]
+
+  *) Fix for TLS record tampering bug. A carefully crafted invalid 
+     handshake could crash OpenSSL with a NULL pointer exception.
+     Thanks to Anton Johansson for reporting this issues.
+     (CVE-2013-4353)
+
+  *) Keep original DTLS digest and encryption contexts in retransmission
+     structures so we can use the previous session parameters if they need
+     to be resent. (CVE-2013-6450)
+     [Steve Henson]
+
+  *) Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which
+     avoids preferring ECDHE-ECDSA ciphers when the client appears to be
+     Safari on OS X.  Safari on OS X 10.8..10.8.3 advertises support for
+     several ECDHE-ECDSA ciphers, but fails to negotiate them.  The bug
+     is fixed in OS X 10.8.4, but Apple have ruled out both hot fixing
+     10.8..10.8.3 and forcing users to upgrade to 10.8.4 or newer.
+     [Rob Stradling, Adam Langley]
+
  Changes between 1.0.1d and 1.0.1e [11 Feb 2013]
 
-  *)
+  *) Correct fix for CVE-2013-0169. The original didn't work on AES-NI
+     supporting platforms or when small records were transferred.
+     [Andy Polyakov, Steve Henson]
 
  Changes between 1.0.1c and 1.0.1d [5 Feb 2013]
 
@@ -404,6 +426,63 @@
        Add command line options to s_client/s_server.
      [Steve Henson]
 
+ Changes between 1.0.0j and 1.0.0k [5 Feb 2013]
+
+  *) Make the decoding of SSLv3, TLS and DTLS CBC records constant time.
+
+     This addresses the flaw in CBC record processing discovered by 
+     Nadhem Alfardan and Kenny Paterson. Details of this attack can be found
+     at: http://www.isg.rhul.ac.uk/tls/     
+
+     Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
+     Security Group at Royal Holloway, University of London
+     (www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and
+     Emilia Käsper for the initial patch.
+     (CVE-2013-0169)
+     [Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]
+
+  *) Return an error when checking OCSP signatures when key is NULL.
+     This fixes a DoS attack. (CVE-2013-0166)
+     [Steve Henson]
+
+  *) Call OCSP Stapling callback after ciphersuite has been chosen, so
+     the right response is stapled. Also change SSL_get_certificate()
+     so it returns the certificate actually sent.
+     See http://rt.openssl.org/Ticket/Display.html?id=2836.
+     (This is a backport)
+     [Rob Stradling <rob.stradling@comodo.com>]
+
+  *) Fix possible deadlock when decoding public keys.
+     [Steve Henson]
+
+ Changes between 1.0.0i and 1.0.0j [10 May 2012]
+
+  [NB: OpenSSL 1.0.0i and later 1.0.0 patch levels were released after
+  OpenSSL 1.0.1.]
+
+  *) Sanity check record length before skipping explicit IV in DTLS
+     to fix DoS attack.
+
+     Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
+     fuzzing as a service testing platform.
+     (CVE-2012-2333)
+     [Steve Henson]
+
+  *) Initialise tkeylen properly when encrypting CMS messages.
+     Thanks to Solar Designer of Openwall for reporting this issue.
+     [Steve Henson]
+
+ Changes between 1.0.0h and 1.0.0i [19 Apr 2012]
+
+  *) Check for potentially exploitable overflows in asn1_d2i_read_bio
+     BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
+     in CRYPTO_realloc_clean.
+
+     Thanks to Tavis Ormandy, Google Security Team, for discovering this
+     issue and to Adam Langley <agl@chromium.org> for fixing it.
+     (CVE-2012-2110)
+     [Adam Langley (Google), Tavis Ormandy, Google Security Team]
+
  Changes between 1.0.0g and 1.0.0h [12 Mar 2012]
 
   *) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness
@@ -1394,6 +1473,86 @@
   *) Change 'Configure' script to enable Camellia by default.
      [NTT]
 
+ Changes between 0.9.8x and 0.9.8y [5 Feb 2013]
+
+  *) Make the decoding of SSLv3, TLS and DTLS CBC records constant time.
+
+     This addresses the flaw in CBC record processing discovered by 
+     Nadhem Alfardan and Kenny Paterson. Details of this attack can be found
+     at: http://www.isg.rhul.ac.uk/tls/     
+
+     Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
+     Security Group at Royal Holloway, University of London
+     (www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and
+     Emilia Käsper for the initial patch.
+     (CVE-2013-0169)
+     [Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]
+
+  *) Return an error when checking OCSP signatures when key is NULL.
+     This fixes a DoS attack. (CVE-2013-0166)
+     [Steve Henson]
+
+  *) Call OCSP Stapling callback after ciphersuite has been chosen, so
+     the right response is stapled. Also change SSL_get_certificate()
+     so it returns the certificate actually sent.
+     See http://rt.openssl.org/Ticket/Display.html?id=2836.
+     (This is a backport)
+     [Rob Stradling <rob.stradling@comodo.com>]
+
+  *) Fix possible deadlock when decoding public keys.
+     [Steve Henson]
+
+ Changes between 0.9.8w and 0.9.8x [10 May 2012]
+
+  *) Sanity check record length before skipping explicit IV in DTLS
+     to fix DoS attack.
+
+     Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
+     fuzzing as a service testing platform.
+     (CVE-2012-2333)
+     [Steve Henson]
+
+  *) Initialise tkeylen properly when encrypting CMS messages.
+     Thanks to Solar Designer of Openwall for reporting this issue.
+     [Steve Henson]
+
+ Changes between 0.9.8v and 0.9.8w [23 Apr 2012]
+
+  *) The fix for CVE-2012-2110 did not take into account that the 
+     'len' argument to BUF_MEM_grow and BUF_MEM_grow_clean is an
+     int in OpenSSL 0.9.8, making it still vulnerable. Fix by 
+     rejecting negative len parameter. (CVE-2012-2131)
+     [Tomas Hoger <thoger@redhat.com>]
+
+ Changes between 0.9.8u and 0.9.8v [19 Apr 2012]
+
+  *) Check for potentially exploitable overflows in asn1_d2i_read_bio
+     BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
+     in CRYPTO_realloc_clean.
+
+     Thanks to Tavis Ormandy, Google Security Team, for discovering this
+     issue and to Adam Langley <agl@chromium.org> for fixing it.
+     (CVE-2012-2110)
+     [Adam Langley (Google), Tavis Ormandy, Google Security Team]
+
+ Changes between 0.9.8t and 0.9.8u [12 Mar 2012]
+
+  *) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness
+     in CMS and PKCS7 code. When RSA decryption fails use a random key for
+     content decryption and always return the same error. Note: this attack
+     needs on average 2^20 messages so it only affects automated senders. The
+     old behaviour can be reenabled in the CMS code by setting the
+     CMS_DEBUG_DECRYPT flag: this is useful for debugging and testing where
+     an MMA defence is not necessary.
+     Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
+     this issue. (CVE-2012-0884)
+     [Steve Henson]
+
+  *) Fix CVE-2011-4619: make sure we really are receiving a 
+     client hello before rejecting multiple SGC restarts. Thanks to
+     Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this bug.
+     [Steve Henson]
+
  Changes between 0.9.8s and 0.9.8t [18 Jan 2012]
 
   *) Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.

deps/openssl/openssl/Configure

@@ -178,7 +178,7 @@ my %table=(
 "debug-ben-no-opt",	"gcc: -Wall -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG -Werror -DL_ENDIAN -DTERMIOS -Wall -g3::(unknown)::::::",
 "debug-ben-strict",	"gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown)::::::",
 "debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
-"debug-bodo",	"gcc:$gcc_devteam_warn -DBN_DEBUG -DBN_DEBUG_RAND -DCONF_DEBUG -DBIO_PAIR_DEBUG -m64 -DL_ENDIAN -DTERMIO -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"debug-bodo",	"gcc:$gcc_devteam_warn -Wno-error=overlength-strings -DBN_DEBUG -DBN_DEBUG_RAND -DCONF_DEBUG -DBIO_PAIR_DEBUG -m64 -DL_ENDIAN -DTERMIO -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
 "debug-ulf", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DBN_DEBUG_RAND -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations:::CYGWIN32:::${no_asm}:win32:cygwin-shared:::.dll",
 "debug-steve64", "gcc:$gcc_devteam_warn -m64 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -Wno-overlength-strings -g::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "debug-steve32", "gcc:$gcc_devteam_warn -m32 -DL_ENDIAN -DCONF_DEBUG -DDEBUG_SAFESTACK -g -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",

deps/openssl/openssl/Makefile

@@ -4,7 +4,7 @@
 ## Makefile for OpenSSL
 ##
 
-VERSION=1.0.1e
+VERSION=1.0.1f
 MAJOR=1
 MINOR=0.1
 SHLIB_VERSION_NUMBER=1.0.0
@@ -304,7 +304,8 @@ libcrypto$(SHLIB_EXT): libcrypto.a fips_premain_dso$(EXE_EXT)
 			FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; \
 			export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \
 		fi; \
-		$(MAKE) -e SHLIBDIRS=crypto build-shared; \
+		$(MAKE) -e SHLIBDIRS=crypto  CC=$${CC:-$(CC)} build-shared; \
+		touch -c fips_premain_dso$(EXE_EXT); \
 	else \
 		echo "There's no support for shared libraries on this platform" >&2; \
 		exit 1; \

deps/openssl/openssl/Makefile.org

@@ -302,7 +302,8 @@ libcrypto$(SHLIB_EXT): libcrypto.a fips_premain_dso$(EXE_EXT)
 			FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; \
 			export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \
 		fi; \
-		$(MAKE) -e SHLIBDIRS=crypto build-shared; \
+		$(MAKE) -e SHLIBDIRS=crypto  CC=$${CC:-$(CC)} build-shared; \
+		touch -c fips_premain_dso$(EXE_EXT); \
 	else \
 		echo "There's no support for shared libraries on this platform" >&2; \
 		exit 1; \

deps/openssl/openssl/NEWS

@@ -5,11 +5,17 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
-  Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e:
+  Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014]
+
+      o Fix for TLS record tampering bug CVE-2013-4353
+      o Fix for TLS version checking bug CVE-2013-6449
+      o Fix for DTLS retransmission bug CVE-2013-6450
+
+  Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e [11 Feb 2013]:
 
       o Corrected fix for CVE-2013-0169
 
-  Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d:
+  Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d [4 Feb 2013]:
 
       o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version.
       o Include the fips configuration module.
@@ -17,24 +23,24 @@
       o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
       o Fix for TLS AESNI record handling flaw CVE-2012-2686
 
-  Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c:
+  Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c [10 May 2012]:
 
       o Fix TLS/DTLS record length checking bug CVE-2012-2333
       o Don't attempt to use non-FIPS composite ciphers in FIPS mode.
 
-  Major changes between OpenSSL 1.0.1a and OpenSSL 1.0.1b:
+  Major changes between OpenSSL 1.0.1a and OpenSSL 1.0.1b [26 Apr 2012]:
 
       o Fix compilation error on non-x86 platforms.
       o Make FIPS capable OpenSSL ciphers work in non-FIPS mode.
       o Fix SSL_OP_NO_TLSv1_1 clash with SSL_OP_ALL in OpenSSL 1.0.0
 
-  Major changes between OpenSSL 1.0.1 and OpenSSL 1.0.1a:
+  Major changes between OpenSSL 1.0.1 and OpenSSL 1.0.1a [19 Apr 2012]:
 
       o Fix for ASN1 overflow bug CVE-2012-2110
       o Workarounds for some servers that hang on long client hellos.
       o Fix SEGV in AES code.
 
-  Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1:
+  Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1 [14 Mar 2012]:
 
       o TLS/DTLS heartbeat support.
       o SCTP support.
@@ -47,17 +53,30 @@
       o Preliminary FIPS capability for unvalidated 2.0 FIPS module.
       o SRP support.
 
-  Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h:
+  Major changes between OpenSSL 1.0.0j and OpenSSL 1.0.0k [5 Feb 2013]:
+
+      o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
+      o Fix OCSP bad key DoS attack CVE-2013-0166
+
+  Major changes between OpenSSL 1.0.0i and OpenSSL 1.0.0j [10 May 2012]:
+
+      o Fix DTLS record length checking bug CVE-2012-2333
+
+  Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.0i [19 Apr 2012]:
+
+      o Fix for ASN1 overflow bug CVE-2012-2110
+
+  Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h [12 Mar 2012]:
 
       o Fix for CMS/PKCS#7 MMA CVE-2012-0884
       o Corrected fix for CVE-2011-4619
       o Various DTLS fixes.
 
-  Major changes between OpenSSL 1.0.0f and OpenSSL 1.0.0g:
+  Major changes between OpenSSL 1.0.0f and OpenSSL 1.0.0g [18 Jan 2012]:
 
       o Fix for DTLS DoS issue CVE-2012-0050
 
-  Major changes between OpenSSL 1.0.0e and OpenSSL 1.0.0f:
+  Major changes between OpenSSL 1.0.0e and OpenSSL 1.0.0f [4 Jan 2012]:
 
       o Fix for DTLS plaintext recovery attack CVE-2011-4108
       o Clear block padding bytes of SSL 3.0 records CVE-2011-4576
@@ -65,7 +84,7 @@
       o Check parameters are not NULL in GOST ENGINE CVE-2012-0027
       o Check for malformed RFC3779 data CVE-2011-4577
 
-  Major changes between OpenSSL 1.0.0d and OpenSSL 1.0.0e:
+  Major changes between OpenSSL 1.0.0d and OpenSSL 1.0.0e [6 Sep 2011]:
 
       o Fix for CRL vulnerability issue CVE-2011-3207
       o Fix for ECDH crashes CVE-2011-3210
@@ -73,11 +92,11 @@
       o Support ECDH ciphersuites for certificates using SHA2 algorithms.
       o Various DTLS fixes.
 
-  Major changes between OpenSSL 1.0.0c and OpenSSL 1.0.0d:
+  Major changes between OpenSSL 1.0.0c and OpenSSL 1.0.0d [8 Feb 2011]:
 
       o Fix for security issue CVE-2011-0014
 
-  Major changes between OpenSSL 1.0.0b and OpenSSL 1.0.0c:
+  Major changes between OpenSSL 1.0.0b and OpenSSL 1.0.0c [2 Dec 2010]:
 
       o Fix for security issue CVE-2010-4180
       o Fix for CVE-2010-4252
@@ -85,18 +104,18 @@
       o Fix various platform compilation issues.
       o Corrected fix for security issue CVE-2010-3864.
 
-  Major changes between OpenSSL 1.0.0a and OpenSSL 1.0.0b:
+  Major changes between OpenSSL 1.0.0a and OpenSSL 1.0.0b [16 Nov 2010]:
 
       o Fix for security issue CVE-2010-3864.
       o Fix for CVE-2010-2939
       o Fix WIN32 build system for GOST ENGINE.
 
-  Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a:
+  Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a [1 Jun 2010]:
 
       o Fix for security issue CVE-2010-1633.
       o GOST MAC and CFB fixes.
 
-  Major changes between OpenSSL 0.9.8n and OpenSSL 1.0.0:
+  Major changes between OpenSSL 0.9.8n and OpenSSL 1.0.0 [29 Mar 2010]:
 
       o RFC3280 path validation: sufficient to process PKITS tests.
       o Integrated support for PVK files and keyblobs.
@@ -119,20 +138,55 @@
       o Opaque PRF Input TLS extension support.
       o Updated time routines to avoid OS limitations.
 
-  Major changes between OpenSSL 0.9.8q and OpenSSL 0.9.8r:
+  Major changes between OpenSSL 0.9.8x and OpenSSL 0.9.8y [5 Feb 2013]:
+
+      o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
+      o Fix OCSP bad key DoS attack CVE-2013-0166
+
+  Major changes between OpenSSL 0.9.8w and OpenSSL 0.9.8x [10 May 2012]:
+
+      o Fix DTLS record length checking bug CVE-2012-2333
+
+  Major changes between OpenSSL 0.9.8v and OpenSSL 0.9.8w [23 Apr 2012]:
+
+      o Fix for CVE-2012-2131 (corrected fix for 0.9.8 and CVE-2012-2110)
+
+  Major changes between OpenSSL 0.9.8u and OpenSSL 0.9.8v [19 Apr 2012]:
+
+      o Fix for ASN1 overflow bug CVE-2012-2110
+
+  Major changes between OpenSSL 0.9.8t and OpenSSL 0.9.8u [12 Mar 2012]:
+
+      o Fix for CMS/PKCS#7 MMA CVE-2012-0884
+      o Corrected fix for CVE-2011-4619
+      o Various DTLS fixes.
+
+  Major changes between OpenSSL 0.9.8s and OpenSSL 0.9.8t [18 Jan 2012]:
+
+      o Fix for DTLS DoS issue CVE-2012-0050
+
+  Major changes between OpenSSL 0.9.8r and OpenSSL 0.9.8s [4 Jan 2012]:
+
+      o Fix for DTLS plaintext recovery attack CVE-2011-4108
+      o Fix policy check double free error CVE-2011-4109
+      o Clear block padding bytes of SSL 3.0 records CVE-2011-4576
+      o Only allow one SGC handshake restart for SSL/TLS CVE-2011-4619
+      o Check for malformed RFC3779 data CVE-2011-4577
+
+  Major changes between OpenSSL 0.9.8q and OpenSSL 0.9.8r [8 Feb 2011]:
 
       o Fix for security issue CVE-2011-0014
 
-  Major changes between OpenSSL 0.9.8p and OpenSSL 0.9.8q:
+  Major changes between OpenSSL 0.9.8p and OpenSSL 0.9.8q [2 Dec 2010]:
 
       o Fix for security issue CVE-2010-4180
       o Fix for CVE-2010-4252
 
-  Major changes between OpenSSL 0.9.8o and OpenSSL 0.9.8p:
+  Major changes between OpenSSL 0.9.8o and OpenSSL 0.9.8p [16 Nov 2010]:
 
       o Fix for security issue CVE-2010-3864.
 
-  Major changes between OpenSSL 0.9.8n and OpenSSL 0.9.8o:
+  Major changes between OpenSSL 0.9.8n and OpenSSL 0.9.8o [1 Jun 2010]:
 
       o Fix for security issue CVE-2010-0742.
       o Various DTLS fixes.
@@ -140,12 +194,12 @@
       o Fix for no-rc4 compilation.
       o Chil ENGINE unload workaround.
 
-  Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n:
+  Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n [24 Mar 2010]:
 
       o CFB cipher definition fixes.
       o Fix security issues CVE-2010-0740 and CVE-2010-0433.
 
-  Major changes between OpenSSL 0.9.8l and OpenSSL 0.9.8m:
+  Major changes between OpenSSL 0.9.8l and OpenSSL 0.9.8m [25 Feb 2010]:
 
       o Cipher definition fixes.
       o Workaround for slow RAND_poll() on some WIN32 versions.
@@ -157,33 +211,33 @@
       o Ticket and SNI coexistence fixes.
       o Many fixes to DTLS handling. 
 
-  Major changes between OpenSSL 0.9.8k and OpenSSL 0.9.8l:
+  Major changes between OpenSSL 0.9.8k and OpenSSL 0.9.8l [5 Nov 2009]:
 
       o Temporary work around for CVE-2009-3555: disable renegotiation.
 
-  Major changes between OpenSSL 0.9.8j and OpenSSL 0.9.8k:
+  Major changes between OpenSSL 0.9.8j and OpenSSL 0.9.8k [25 Mar 2009]:
 
       o Fix various build issues.
       o Fix security issues (CVE-2009-0590, CVE-2009-0591, CVE-2009-0789)
 
-  Major changes between OpenSSL 0.9.8i and OpenSSL 0.9.8j:
+  Major changes between OpenSSL 0.9.8i and OpenSSL 0.9.8j [7 Jan 2009]:
 
       o Fix security issue (CVE-2008-5077)
       o Merge FIPS 140-2 branch code.
 
-  Major changes between OpenSSL 0.9.8g and OpenSSL 0.9.8h:
+  Major changes between OpenSSL 0.9.8g and OpenSSL 0.9.8h [28 May 2008]:
 
       o CryptoAPI ENGINE support.
       o Various precautionary measures.
       o Fix for bugs affecting certificate request creation.
       o Support for local machine keyset attribute in PKCS#12 files.
 
-  Major changes between OpenSSL 0.9.8f and OpenSSL 0.9.8g:
+  Major changes between OpenSSL 0.9.8f and OpenSSL 0.9.8g [19 Oct 2007]:
 
       o Backport of CMS functionality to 0.9.8.
       o Fixes for bugs introduced with 0.9.8f.
 
-  Major changes between OpenSSL 0.9.8e and OpenSSL 0.9.8f:
+  Major changes between OpenSSL 0.9.8e and OpenSSL 0.9.8f [11 Oct 2007]:
 
       o Add gcc 4.2 support.
       o Add support for AES and SSE2 assembly lanugauge optimization
@@ -194,23 +248,23 @@
       o RFC4507bis support.
       o TLS Extensions support.
 
-  Major changes between OpenSSL 0.9.8d and OpenSSL 0.9.8e:
+  Major changes between OpenSSL 0.9.8d and OpenSSL 0.9.8e [23 Feb 2007]:
 
       o Various ciphersuite selection fixes.
       o RFC3779 support.
 
-  Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d:
+  Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d [28 Sep 2006]:
 
       o Introduce limits to prevent malicious key DoS  (CVE-2006-2940)
       o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
       o Changes to ciphersuite selection algorithm
 
-  Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c:
+  Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c [5 Sep 2006]:
 
       o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
       o New cipher Camellia
 
-  Major changes between OpenSSL 0.9.8a and OpenSSL 0.9.8b:
+  Major changes between OpenSSL 0.9.8a and OpenSSL 0.9.8b [4 May 2006]:
 
       o Cipher string fixes.
       o Fixes for VC++ 2005.
@@ -220,12 +274,12 @@
       o Built in dynamic engine compilation support on Win32.
       o Fixes auto dynamic engine loading in Win32.
 
-  Major changes between OpenSSL 0.9.8 and OpenSSL 0.9.8a:
+  Major changes between OpenSSL 0.9.8 and OpenSSL 0.9.8a [11 Oct 2005]:
 
       o Fix potential SSL 2.0 rollback, CVE-2005-2969
       o Extended Windows CE support
 
-  Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8:
+  Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8 [5 Jul 2005]:
 
       o Major work on the BIGNUM library for higher efficiency and to
         make operations more streamlined and less contradictory.  This
@@ -299,36 +353,36 @@
       o Added initial support for Win64.
       o Added alternate pkg-config files.
 
-  Major changes between OpenSSL 0.9.7l and OpenSSL 0.9.7m:
+  Major changes between OpenSSL 0.9.7l and OpenSSL 0.9.7m [23 Feb 2007]:
 
       o FIPS 1.1.1 module linking.
       o Various ciphersuite selection fixes.
 
-  Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l:
+  Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l [28 Sep 2006]:
 
       o Introduce limits to prevent malicious key DoS  (CVE-2006-2940)
       o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
 
-  Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k:
+  Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k [5 Sep 2006]:
 
       o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
 
-  Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j:
+  Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j [4 May 2006]:
 
       o Visual C++ 2005 fixes.
       o Update Windows build system for FIPS.
 
-  Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i:
+  Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i [14 Oct 2005]:
 
       o Give EVP_MAX_MD_SIZE it's old value, except for a FIPS build.
 
-  Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h:
+  Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h [11 Oct 2005]:
 
       o Fix SSL 2.0 Rollback, CVE-2005-2969
       o Allow use of fixed-length exponent on DSA signing
       o Default fixed-window RSA, DSA, DH private-key operations
 
-  Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g:
+  Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g [11 Apr 2005]:
 
       o More compilation issues fixed.
       o Adaptation to more modern Kerberos API.
@@ -337,7 +391,7 @@
       o More constification.
       o Added processing of proxy certificates (RFC 3820).
 
-  Major changes between OpenSSL 0.9.7e and OpenSSL 0.9.7f:
+  Major changes between OpenSSL 0.9.7e and OpenSSL 0.9.7f [22 Mar 2005]:
 
       o Several compilation issues fixed.
       o Many memory allocation failure checks added.
@@ -345,12 +399,12 @@
       o Mandatory basic checks on certificates.
       o Performance improvements.
 
-  Major changes between OpenSSL 0.9.7d and OpenSSL 0.9.7e:
+  Major changes between OpenSSL 0.9.7d and OpenSSL 0.9.7e [25 Oct 2004]:
 
       o Fix race condition in CRL checking code.
       o Fixes to PKCS#7 (S/MIME) code.
 
-  Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.7d:
+  Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.7d [17 Mar 2004]:
 
       o Security: Fix Kerberos ciphersuite SSL/TLS handshaking bug
       o Security: Fix null-pointer assignment in do_change_cipher_spec()
@@ -358,14 +412,14 @@
       o Multiple X509 verification fixes
       o Speed up HMAC and other operations
 
-  Major changes between OpenSSL 0.9.7b and OpenSSL 0.9.7c:
+  Major changes between OpenSSL 0.9.7b and OpenSSL 0.9.7c [30 Sep 2003]:
 
       o Security: fix various ASN1 parsing bugs.
       o New -ignore_err option to OCSP utility.
       o Various interop and bug fixes in S/MIME code.
       o SSL/TLS protocol fix for unrequested client certificates.
 
-  Major changes between OpenSSL 0.9.7a and OpenSSL 0.9.7b:
+  Major changes between OpenSSL 0.9.7a and OpenSSL 0.9.7b [10 Apr 2003]:
 
       o Security: counter the Klima-Pokorny-Rosa extension of
         Bleichbacher's attack 
@@ -376,7 +430,7 @@
       o ASN.1: treat domainComponent correctly.
       o Documentation: fixes and additions.
 
-  Major changes between OpenSSL 0.9.7 and OpenSSL 0.9.7a:
+  Major changes between OpenSSL 0.9.7 and OpenSSL 0.9.7a [19 Feb 2003]:
 
       o Security: Important security related bugfixes.
       o Enhanced compatibility with MIT Kerberos.
@@ -387,7 +441,7 @@
       o SSL/TLS: now handles manual certificate chain building.
       o SSL/TLS: certain session ID malfunctions corrected.
 
-  Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.7:
+  Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.7 [30 Dec 2002]:
 
       o New library section OCSP.
       o Complete rewrite of ASN1 code.
@@ -433,23 +487,23 @@
       o SSL/TLS: add callback to retrieve SSL/TLS messages.
       o SSL/TLS: support AES cipher suites (RFC3268).
 
-  Major changes between OpenSSL 0.9.6j and OpenSSL 0.9.6k:
+  Major changes between OpenSSL 0.9.6j and OpenSSL 0.9.6k [30 Sep 2003]:
 
       o Security: fix various ASN1 parsing bugs.
       o SSL/TLS protocol fix for unrequested client certificates.
 
-  Major changes between OpenSSL 0.9.6i and OpenSSL 0.9.6j:
+  Major changes between OpenSSL 0.9.6i and OpenSSL 0.9.6j [10 Apr 2003]:
 
       o Security: counter the Klima-Pokorny-Rosa extension of
         Bleichbacher's attack 
       o Security: make RSA blinding default.
       o Build: shared library support fixes.
 
-  Major changes between OpenSSL 0.9.6h and OpenSSL 0.9.6i:
+  Major changes between OpenSSL 0.9.6h and OpenSSL 0.9.6i [19 Feb 2003]:
 
       o Important security related bugfixes.
 
-  Major changes between OpenSSL 0.9.6g and OpenSSL 0.9.6h:
+  Major changes between OpenSSL 0.9.6g and OpenSSL 0.9.6h [5 Dec 2002]:
 
       o New configuration targets for Tandem OSS and A/UX.
       o New OIDs for Microsoft attributes.
@@ -463,25 +517,25 @@
       o Fixes for smaller building problems.
       o Updates of manuals, FAQ and other instructive documents.
 
-  Major changes between OpenSSL 0.9.6f and OpenSSL 0.9.6g:
+  Major changes between OpenSSL 0.9.6f and OpenSSL 0.9.6g [9 Aug 2002]:
 
       o Important building fixes on Unix.
 
-  Major changes between OpenSSL 0.9.6e and OpenSSL 0.9.6f:
+  Major changes between OpenSSL 0.9.6e and OpenSSL 0.9.6f [8 Aug 2002]:
 
       o Various important bugfixes.
 
-  Major changes between OpenSSL 0.9.6d and OpenSSL 0.9.6e:
+  Major changes between OpenSSL 0.9.6d and OpenSSL 0.9.6e [30 Jul 2002]:
 
       o Important security related bugfixes.
       o Various SSL/TLS library bugfixes.
 
-  Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d:
+  Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d [9 May 2002]:
 
       o Various SSL/TLS library bugfixes.
       o Fix DH parameter generation for 'non-standard' generators.
 
-  Major changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c:
+  Major changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c [21 Dec 2001]:
 
       o Various SSL/TLS library bugfixes.
       o BIGNUM library fixes.
@@ -494,7 +548,7 @@
         Broadcom and Cryptographic Appliance's keyserver
         [in 0.9.6c-engine release].
 
-  Major changes between OpenSSL 0.9.6a and OpenSSL 0.9.6b:
+  Major changes between OpenSSL 0.9.6a and OpenSSL 0.9.6b [9 Jul 2001]:
 
       o Security fix: PRNG improvements.
       o Security fix: RSA OAEP check.
@@ -511,7 +565,7 @@
       o Increase default size for BIO buffering filter.
       o Compatibility fixes in some scripts.
 
-  Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.6a:
+  Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.6a [5 Apr 2001]:
 
       o Security fix: change behavior of OpenSSL to avoid using
         environment variables when running as root.
@@ -536,7 +590,7 @@
       o New function BN_rand_range().
       o Add "-rand" option to openssl s_client and s_server.
 
-  Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6:
+  Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6 [10 Oct 2000]:
 
       o Some documentation for BIO and SSL libraries.
       o Enhanced chain verification using key identifiers.
@@ -551,7 +605,7 @@
     [1] The support for external crypto devices is currently a separate
         distribution.  See the file README.ENGINE.
 
-  Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a:
+  Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a [1 Apr 2000]:
 
       o Bug fixes for Win32, SuSE Linux, NeXTSTEP and FreeBSD 2.2.8 
       o Shared library support for HPUX and Solaris-gcc
@@ -560,7 +614,7 @@
       o New 'rand' application
       o New way to check for existence of algorithms from scripts
 
-  Major changes between OpenSSL 0.9.4 and OpenSSL 0.9.5:
+  Major changes between OpenSSL 0.9.4 and OpenSSL 0.9.5 [25 May 2000]:
 
       o S/MIME support in new 'smime' command
       o Documentation for the OpenSSL command line application
@@ -596,7 +650,7 @@
       o Enhanced support for Alpha Linux
       o Experimental MacOS support
 
-  Major changes between OpenSSL 0.9.3 and OpenSSL 0.9.4:
+  Major changes between OpenSSL 0.9.3 and OpenSSL 0.9.4 [9 Aug 1999]:
 
       o Transparent support for PKCS#8 format private keys: these are used
         by several software packages and are more secure than the standard
@@ -607,7 +661,7 @@
       o New pipe-like BIO that allows using the SSL library when actual I/O
         must be handled by the application (BIO pair)
 
-  Major changes between OpenSSL 0.9.2b and OpenSSL 0.9.3:
+  Major changes between OpenSSL 0.9.2b and OpenSSL 0.9.3 [24 May 1999]:
       o Lots of enhancements and cleanups to the Configuration mechanism
       o RSA OEAP related fixes
       o Added `openssl ca -revoke' option for revoking a certificate
@@ -621,7 +675,7 @@
       o Sparc assembler bignum implementation, optimized hash functions
       o Option to disable selected ciphers
 
-  Major changes between OpenSSL 0.9.1c and OpenSSL 0.9.2b:
+  Major changes between OpenSSL 0.9.1c and OpenSSL 0.9.2b [22 Mar 1999]:
       o Fixed a security hole related to session resumption
       o Fixed RSA encryption routines for the p < q case
       o "ALL" in cipher lists now means "everything except NULL ciphers"
@@ -643,7 +697,7 @@
       o Lots of memory leak fixes.
       o Lots of bug fixes.
 
-  Major changes between SSLeay 0.9.0b and OpenSSL 0.9.1c:
+  Major changes between SSLeay 0.9.0b and OpenSSL 0.9.1c [23 Dec 1998]:
       o Integration of the popular NO_RSA/NO_DSA patches
       o Initial support for compression inside the SSL record layer
       o Added BIO proxy and filtering functionality

deps/openssl/openssl/README

@@ -1,5 +1,5 @@
 
- OpenSSL 1.0.1e 11 Feb 2013
+ OpenSSL 1.0.1f 6 Jan 2014
 
  Copyright (c) 1998-2011 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson

deps/openssl/openssl/apps/Makefile

@@ -577,14 +577,15 @@ openssl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
 openssl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
 openssl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
 openssl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-openssl.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
+openssl.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
-openssl.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+openssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-openssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+openssl.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
-openssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+openssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-openssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+openssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-openssl.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
+openssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-openssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+openssl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-openssl.o: ../include/openssl/x509v3.h apps.h openssl.c progs.h s_apps.h
+openssl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+openssl.o: openssl.c progs.h s_apps.h
 passwd.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
 passwd.o: ../include/openssl/buffer.h ../include/openssl/conf.h
 passwd.o: ../include/openssl/crypto.h ../include/openssl/des.h

deps/openssl/openssl/apps/apps.h

@@ -188,6 +188,7 @@ extern BIO *bio_err;
 			do { CONF_modules_unload(1); destroy_ui_method(); \
 			OBJ_cleanup(); EVP_cleanup(); ENGINE_cleanup(); \
 			CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); \
+			RAND_cleanup(); \
 			ERR_free_strings(); zlib_cleanup();} while(0)
 #  else
 #    define apps_startup() \
@@ -198,6 +199,7 @@ extern BIO *bio_err;
 			do { CONF_modules_unload(1); destroy_ui_method(); \
 			OBJ_cleanup(); EVP_cleanup(); \
 			CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); \
+			RAND_cleanup(); \
 			ERR_free_strings(); zlib_cleanup(); } while(0)
 #  endif
 #endif

deps/openssl/openssl/apps/openssl.c

@@ -117,6 +117,7 @@
 #include "apps.h"
 #include <openssl/bio.h>
 #include <openssl/crypto.h>
+#include <openssl/rand.h>
 #include <openssl/lhash.h>
 #include <openssl/conf.h>
 #include <openssl/x509.h>

deps/openssl/openssl/apps/pkcs12.c

@@ -112,7 +112,7 @@ int MAIN(int argc, char **argv)
     int maciter = PKCS12_DEFAULT_ITER;
     int twopass = 0;
     int keytype = 0;
-    int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
+    int cert_pbe;
     int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
     int ret = 1;
     int macver = 1;
@@ -130,6 +130,13 @@ int MAIN(int argc, char **argv)
 
     apps_startup();
 
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode())
+	cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+    else
+#endif
+    cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
+
     enc = EVP_des_ede3_cbc();
     if (bio_err == NULL ) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
 

deps/openssl/openssl/apps/s_client.c

@@ -178,13 +178,6 @@ typedef unsigned int u_int;
 #include <fcntl.h>
 #endif
 
-/* Use Windows API with STD_INPUT_HANDLE when checking for input?
-   Don't look at OPENSSL_SYS_MSDOS for this, since it is always defined if
-   OPENSSL_SYS_WINDOWS is defined */
-#if defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_WINCE) && defined(STD_INPUT_HANDLE)
-#define OPENSSL_USE_STD_INPUT_HANDLE
-#endif
-
 #undef PROG
 #define PROG	s_client_main
 
@@ -1611,10 +1604,10 @@ SSL_set_tlsext_status_ids(con, ids);
 					tv.tv_usec = 0;
 					i=select(width,(void *)&readfds,(void *)&writefds,
 						 NULL,&tv);
-#if defined(OPENSSL_USE_STD_INPUT_HANDLE)
+#if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
-					if(!i && (!((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) || !read_tty) ) continue;
-#else
 					if(!i && (!_kbhit() || !read_tty) ) continue;
+#else
+					if(!i && (!((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) || !read_tty) ) continue;
 #endif
 				} else 	i=select(width,(void *)&readfds,(void *)&writefds,
 					 NULL,timeoutp);
@@ -1819,10 +1812,10 @@ printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240
 			}
 
 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
-#if defined(OPENSSL_USE_STD_INPUT_HANDLE)
+#if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
-		else if ((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0)))
-#else
 		else if (_kbhit())
+#else
+		else if ((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0)))
 #endif
 #elif defined (OPENSSL_SYS_NETWARE)
 		else if (_kbhit())

deps/openssl/openssl/config

@@ -739,7 +739,7 @@ case "$GUESSOS" in
 			    libc=/usr/lib/libc.so
 			else					# OpenBSD
 			    # ld searches for highest libc.so.* and so do we
-			    libc=`(ls /usr/lib/libc.so.* | tail -1) 2>/dev/null`
+			    libc=`(ls /usr/lib/libc.so.* /lib/libc.so.* | tail -1) 2>/dev/null`
 			fi
 			case "`(file -L $libc) 2>/dev/null`" in
 			*ELF*)	OUT="BSD-x86-elf" ;;

deps/openssl/openssl/crypto/Makefile

@@ -77,7 +77,9 @@ ia64cpuid.s: ia64cpuid.S;	$(CC) $(CFLAGS) -E ia64cpuid.S > $@
 ppccpuid.s:	ppccpuid.pl;	$(PERL) ppccpuid.pl $(PERLASM_SCHEME) $@
 pariscid.s:	pariscid.pl;	$(PERL) pariscid.pl $(PERLASM_SCHEME) $@
 alphacpuid.s:	alphacpuid.pl
-	$(PERL) $< | $(CC) -E - | tee $@ > /dev/null
+	(preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
+	$(PERL) alphacpuid.pl > $$preproc && \
+	$(CC) -E $$preproc > $@ && rm $$preproc)
 
 testapps:
 	[ -z "$(THIS)" ] || (	if echo $(SDIRS) | fgrep ' des '; \

deps/openssl/openssl/crypto/aes/asm/aes-586.pl

@@ -2054,8 +2054,8 @@ my $mark=&DWP(76+240,"esp");	# copy of aes_key->rounds
 	&test	($s2,15);
 	&jnz	(&label("slow_way"));
 					if (!$x86only) {
-	#&bt	(&DWP(0,$s0),28);	# check for hyper-threading bit
+	&bt	(&DWP(0,$s0),28);	# check for hyper-threading bit
-	#&jc	(&label("slow_way"));
+	&jc	(&label("slow_way"));
 					}
 	# pre-allocate aligned stack frame...
 	&lea	($acc,&DWP(-80-244,"esp"));

deps/openssl/openssl/crypto/aes/asm/aes-parisc.pl

@@ -1015,7 +1015,8 @@ foreach (split("\n",$code)) {
 		$SIZE_T==4 ? sprintf("extru%s,%d,8,",$1,31-$2)
 		:            sprintf("extrd,u%s,%d,8,",$1,63-$2)/e;
 
-	s/,\*/,/ if ($SIZE_T==4);
+	s/,\*/,/			if ($SIZE_T==4);
+	s/\bbv\b(.*\(%r2\))/bve$1/	if ($SIZE_T==8);
 	print $_,"\n";
 }
 close STDOUT;

deps/openssl/openssl/crypto/aes/asm/aes-x86_64.pl

@@ -1684,8 +1684,8 @@ AES_cbc_encrypt:
 	jb	.Lcbc_slow_prologue
 	test	\$15,%rdx
 	jnz	.Lcbc_slow_prologue
-	#bt	\$28,%r10d
+	bt	\$28,%r10d
-	#jc	.Lcbc_slow_prologue
+	jc	.Lcbc_slow_prologue
 
 	# allocate aligned stack frame...
 	lea	-88-248(%rsp),$key

deps/openssl/openssl/crypto/aes/asm/bsaes-x86_64.pl

@@ -83,9 +83,9 @@
 # Add decryption procedure. Performance in CPU cycles spent to decrypt
 # one byte out of 4096-byte buffer with 128-bit key is:
 #
-# Core 2	11.0
+# Core 2	9.83
-# Nehalem	9.16
+# Nehalem	7.74
-# Atom		20.9
+# Atom		19.0
 #
 # November 2011.
 #
@@ -456,6 +456,7 @@ sub MixColumns {
 # modified to emit output in order suitable for feeding back to aesenc[last]
 my @x=@_[0..7];
 my @t=@_[8..15];
+my $inv=@_[16];	# optional
 $code.=<<___;
 	pshufd	\$0x93, @x[0], @t[0]	# x0 <<< 32
 	pshufd	\$0x93, @x[1], @t[1]
@@ -497,7 +498,8 @@ $code.=<<___;
 	pxor	@t[4], @t[0]
 	 pshufd	\$0x4E, @x[2], @x[6]
 	pxor	@t[5], @t[1]
-
+___
+$code.=<<___ if (!$inv);
 	pxor	@t[3], @x[4]
 	pxor	@t[7], @x[5]
 	pxor	@t[6], @x[3]
@@ -505,9 +507,20 @@ $code.=<<___;
 	pxor	@t[2], @x[6]
 	 movdqa	@t[1], @x[7]
 ___
+$code.=<<___ if ($inv);
+	pxor	@x[4], @t[3]
+	pxor	@t[7], @x[5]
+	pxor	@x[3], @t[6]
+	 movdqa	@t[0], @x[3]
+	pxor	@t[2], @x[6]
+	 movdqa	@t[6], @x[2]
+	 movdqa	@t[1], @x[7]
+	 movdqa	@x[6], @x[4]
+	 movdqa	@t[3], @x[6]
+___
 }
 
-sub InvMixColumns {
+sub InvMixColumns_orig {
 my @x=@_[0..7];
 my @t=@_[8..15];
 
@@ -661,6 +674,54 @@ $code.=<<___;
 ___
 }
 
+sub InvMixColumns {
+my @x=@_[0..7];
+my @t=@_[8..15];
+
+# Thanks to Jussi Kivilinna for providing pointer to
+#
+# | 0e 0b 0d 09 |   | 02 03 01 01 |   | 05 00 04 00 |
+# | 09 0e 0b 0d | = | 01 02 03 01 | x | 00 05 00 04 |
+# | 0d 09 0e 0b |   | 01 01 02 03 |   | 04 00 05 00 |
+# | 0b 0d 09 0e |   | 03 01 01 02 |   | 00 04 00 05 |
+
+$code.=<<___;
+	# multiplication by 0x05-0x00-0x04-0x00
+	pshufd	\$0x4E, @x[0], @t[0]
+	pshufd	\$0x4E, @x[6], @t[6]
+	pxor	@x[0], @t[0]
+	pshufd	\$0x4E, @x[7], @t[7]
+	pxor	@x[6], @t[6]
+	pshufd	\$0x4E, @x[1], @t[1]
+	pxor	@x[7], @t[7]
+	pshufd	\$0x4E, @x[2], @t[2]
+	pxor	@x[1], @t[1]
+	pshufd	\$0x4E, @x[3], @t[3]
+	pxor	@x[2], @t[2]
+	 pxor	@t[6], @x[0]
+	 pxor	@t[6], @x[1]
+	pshufd	\$0x4E, @x[4], @t[4]
+	pxor	@x[3], @t[3]
+	 pxor	@t[0], @x[2]
+	 pxor	@t[1], @x[3]
+	pshufd	\$0x4E, @x[5], @t[5]
+	pxor	@x[4], @t[4]
+	 pxor	@t[7], @x[1]
+	 pxor	@t[2], @x[4]
+	pxor	@x[5], @t[5]
+
+	 pxor	@t[7], @x[2]
+	 pxor	@t[6], @x[3]
+	 pxor	@t[6], @x[4]
+	 pxor	@t[3], @x[5]
+	 pxor	@t[4], @x[6]
+	 pxor	@t[7], @x[4]
+	 pxor	@t[7], @x[5]
+	 pxor	@t[5], @x[7]
+___
+	&MixColumns	(@x,@t,1);	# flipped 2<->3 and 4<->6
+}
+
 sub aesenc {				# not used
 my @b=@_[0..7];
 my @t=@_[8..15];
@@ -2028,6 +2089,8 @@ ___
 #	const unsigned char iv[16]);
 #
 my ($twmask,$twres,$twtmp)=@XMM[13..15];
+$arg6=~s/d$//;
+
 $code.=<<___;
 .globl	bsaes_xts_encrypt
 .type	bsaes_xts_encrypt,\@abi-omnipotent

deps/openssl/openssl/crypto/armcap.c

@@ -23,7 +23,7 @@ unsigned int _armv7_tick(void);
 
 unsigned int OPENSSL_rdtsc(void)
 	{
-	if (OPENSSL_armcap_P|ARMV7_TICK)
+	if (OPENSSL_armcap_P & ARMV7_TICK)
 		return _armv7_tick();
 	else
 		return 0;

deps/openssl/openssl/crypto/asn1/a_int.c

@@ -116,7 +116,7 @@ int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
 	int pad=0,ret,i,neg;
 	unsigned char *p,*n,pb=0;
 
-	if ((a == NULL) || (a->data == NULL)) return(0);
+	if (a == NULL) return(0);
 	neg=a->type & V_ASN1_NEG;
 	if (a->length == 0)
 		ret=1;

deps/openssl/openssl/crypto/asn1/a_strex.c

@@ -566,7 +566,6 @@ int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in)
 	mbflag = tag2nbyte[type];
 	if(mbflag == -1) return -1;
 	mbflag |= MBSTRING_FLAG;
-	memset(&stmp, 0, sizeof(stmp));
 	stmp.data = NULL;
 	stmp.length = 0;
 	ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, B_ASN1_UTF8STRING);

deps/openssl/openssl/crypto/bio/bss_dgram.c

@@ -907,7 +907,7 @@ BIO *BIO_new_dgram_sctp(int fd, int close_flag)
 	ret = getsockopt(fd, IPPROTO_SCTP, SCTP_LOCAL_AUTH_CHUNKS, authchunks, &sockopt_len);
 	OPENSSL_assert(ret >= 0);
 
-	for (p = (unsigned char*) authchunks + sizeof(sctp_assoc_t);
+	for (p = (unsigned char*) authchunks->gauth_chunks;
 	     p < (unsigned char*) authchunks + sockopt_len;
 	     p += sizeof(uint8_t))
 		{
@@ -1197,7 +1197,7 @@ static int dgram_sctp_read(BIO *b, char *out, int outl)
 			ii = getsockopt(b->num, IPPROTO_SCTP, SCTP_PEER_AUTH_CHUNKS, authchunks, &optlen);
 			OPENSSL_assert(ii >= 0);
 
-			for (p = (unsigned char*) authchunks + sizeof(sctp_assoc_t);
+			for (p = (unsigned char*) authchunks->gauth_chunks;
 				 p < (unsigned char*) authchunks + optlen;
 				 p += sizeof(uint8_t))
 				{

deps/openssl/openssl/crypto/bn/Makefile

@@ -125,7 +125,9 @@ ppc-mont.s:	asm/ppc-mont.pl;$(PERL) asm/ppc-mont.pl $(PERLASM_SCHEME) $@
 ppc64-mont.s:	asm/ppc64-mont.pl;$(PERL) asm/ppc64-mont.pl $(PERLASM_SCHEME) $@
 
 alpha-mont.s:	asm/alpha-mont.pl
-	$(PERL) $< | $(CC) -E - | tee $@ > /dev/null
+	(preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
+	$(PERL) asm/alpha-mont.pl > $$preproc && \
+	$(CC) -E $$preproc > $@ && rm $$preproc)
 
 # GNU make "catch all"
 %-mont.s:	asm/%-mont.pl;	$(PERL) $< $(PERLASM_SCHEME) $@

deps/openssl/openssl/crypto/bn/asm/mips-mont.pl

@@ -133,7 +133,7 @@ $code.=<<___;
 	bnez	$at,1f
 	li	$t0,0
 	slt	$at,$num,17	# on in-order CPU
-	bnezl	$at,bn_mul_mont_internal
+	bnez	$at,bn_mul_mont_internal
 	nop
 1:	jr	$ra
 	li	$a0,0

deps/openssl/openssl/crypto/bn/asm/mips.pl

@@ -140,10 +140,10 @@ $code.=<<___;
 	.set	reorder
 	li	$minus4,-4
 	and	$ta0,$a2,$minus4
-	$LD	$t0,0($a1)
 	beqz	$ta0,.L_bn_mul_add_words_tail
 
 .L_bn_mul_add_words_loop:
+	$LD	$t0,0($a1)
 	$MULTU	$t0,$a3
 	$LD	$t1,0($a0)
 	$LD	$t2,$BNSZ($a1)
@@ -200,10 +200,9 @@ $code.=<<___;
 	$ADDU	$v0,$ta2
 	sltu	$at,$ta3,$at
 	$ST	$ta3,-$BNSZ($a0)
-	$ADDU	$v0,$at
 	.set	noreorder
-	bgtzl	$ta0,.L_bn_mul_add_words_loop
+	bgtz	$ta0,.L_bn_mul_add_words_loop
-	$LD	$t0,0($a1)
+	$ADDU	$v0,$at
 
 	beqz	$a2,.L_bn_mul_add_words_return
 	nop
@@ -300,10 +299,10 @@ $code.=<<___;
 	.set	reorder
 	li	$minus4,-4
 	and	$ta0,$a2,$minus4
-	$LD	$t0,0($a1)
 	beqz	$ta0,.L_bn_mul_words_tail
 
 .L_bn_mul_words_loop:
+	$LD	$t0,0($a1)
 	$MULTU	$t0,$a3
 	$LD	$t2,$BNSZ($a1)
 	$LD	$ta0,2*$BNSZ($a1)
@@ -341,10 +340,9 @@ $code.=<<___;
 	$ADDU	$v0,$at
 	sltu	$ta3,$v0,$at
 	$ST	$v0,-$BNSZ($a0)
-	$ADDU	$v0,$ta3,$ta2
 	.set	noreorder
-	bgtzl	$ta0,.L_bn_mul_words_loop
+	bgtz	$ta0,.L_bn_mul_words_loop
-	$LD	$t0,0($a1)
+	$ADDU	$v0,$ta3,$ta2
 
 	beqz	$a2,.L_bn_mul_words_return
 	nop
@@ -429,10 +427,10 @@ $code.=<<___;
 	.set	reorder
 	li	$minus4,-4
 	and	$ta0,$a2,$minus4
-	$LD	$t0,0($a1)
 	beqz	$ta0,.L_bn_sqr_words_tail
 
 .L_bn_sqr_words_loop:
+	$LD	$t0,0($a1)
 	$MULTU	$t0,$t0
 	$LD	$t2,$BNSZ($a1)
 	$LD	$ta0,2*$BNSZ($a1)
@@ -463,11 +461,10 @@ $code.=<<___;
 	mflo	$ta3
 	mfhi	$ta2
 	$ST	$ta3,-2*$BNSZ($a0)
-	$ST	$ta2,-$BNSZ($a0)
 
 	.set	noreorder
-	bgtzl	$ta0,.L_bn_sqr_words_loop
+	bgtz	$ta0,.L_bn_sqr_words_loop
-	$LD	$t0,0($a1)
+	$ST	$ta2,-$BNSZ($a0)
 
 	beqz	$a2,.L_bn_sqr_words_return
 	nop
@@ -547,10 +544,10 @@ $code.=<<___;
 	.set	reorder
 	li	$minus4,-4
 	and	$at,$a3,$minus4
-	$LD	$t0,0($a1)
 	beqz	$at,.L_bn_add_words_tail
 
 .L_bn_add_words_loop:
+	$LD	$t0,0($a1)
 	$LD	$ta0,0($a2)
 	subu	$a3,4
 	$LD	$t1,$BNSZ($a1)
@@ -589,11 +586,10 @@ $code.=<<___;
 	$ADDU	$t3,$ta3,$v0
 	sltu	$v0,$t3,$ta3
 	$ST	$t3,-$BNSZ($a0)
-	$ADDU	$v0,$t9
 	
 	.set	noreorder
-	bgtzl	$at,.L_bn_add_words_loop
+	bgtz	$at,.L_bn_add_words_loop
-	$LD	$t0,0($a1)
+	$ADDU	$v0,$t9
 
 	beqz	$a3,.L_bn_add_words_return
 	nop
@@ -679,10 +675,10 @@ $code.=<<___;
 	.set	reorder
 	li	$minus4,-4
 	and	$at,$a3,$minus4
-	$LD	$t0,0($a1)
 	beqz	$at,.L_bn_sub_words_tail
 
 .L_bn_sub_words_loop:
+	$LD	$t0,0($a1)
 	$LD	$ta0,0($a2)
 	subu	$a3,4
 	$LD	$t1,$BNSZ($a1)
@@ -722,11 +718,10 @@ $code.=<<___;
 	$SUBU	$t3,$ta3,$v0
 	sgtu	$v0,$t3,$ta3
 	$ST	$t3,-$BNSZ($a0)
-	$ADDU	$v0,$t9
 
 	.set	noreorder
-	bgtzl	$at,.L_bn_sub_words_loop
+	bgtz	$at,.L_bn_sub_words_loop
-	$LD	$t0,0($a1)
+	$ADDU	$v0,$t9
 
 	beqz	$a3,.L_bn_sub_words_return
 	nop
@@ -840,8 +835,9 @@ $code.=<<___;
 	sltu	$ta0,$a1,$a2
 	or	$t8,$ta0
 	.set	noreorder
-	beqzl	$at,.L_bn_div_3_words_inner_loop
+	beqz	$at,.L_bn_div_3_words_inner_loop
 	$SUBU	$v0,1
+	$ADDU	$v0,1
 	.set	reorder
 .L_bn_div_3_words_inner_loop_done:
 	.set	noreorder
@@ -902,7 +898,8 @@ $code.=<<___;
 	and	$t2,$a0
 	$SRL	$at,$a1,$t1
 	.set	noreorder
-	bnezl	$t2,.+8
+	beqz	$t2,.+12
+	nop
 	break	6		# signal overflow
 	.set	reorder
 	$SLL	$a0,$t9
@@ -917,7 +914,8 @@ $code.=<<___;
 	$SRL	$DH,$a2,4*$BNSZ	# bits
 	sgeu	$at,$a0,$a2
 	.set	noreorder
-	bnezl	$at,.+8
+	beqz	$at,.+12
+	nop
 	$SUBU	$a0,$a2
 	.set	reorder
 

deps/openssl/openssl/crypto/bn/asm/parisc-mont.pl

@@ -40,7 +40,7 @@
 # of arithmetic operations, most notably multiplications. It requires
 # more memory references, most notably to tp[num], but this doesn't
 # seem to exhaust memory port capacity. And indeed, dedicated PA-RISC
-# 2.0 code path, provides virtually same performance as pa-risc2[W].s:
+# 2.0 code path provides virtually same performance as pa-risc2[W].s:
 # it's ~10% better for shortest key length and ~10% worse for longest
 # one.
 #
@@ -988,6 +988,8 @@ foreach (split("\n",$code)) {
 	# assemble 2.0 instructions in 32-bit mode...
 	s/^\s+([a-z]+)([\S]*)\s+([\S]*)/&assemble($1,$2,$3)/e if ($BN_SZ==4);
 
+	s/\bbv\b/bve/gm	if ($SIZE_T==8);
+
 	print $_,"\n";
 }
 close STDOUT;

deps/openssl/openssl/crypto/bn/asm/x86_64-gf2m.pl

@@ -31,7 +31,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
 ( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
 die "can't locate x86_64-xlate.pl";
 
-open STDOUT,"| \"$^X\" $xlate $flavour $output";
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
 
 ($lo,$hi)=("%rax","%rdx");	$a=$lo;
 ($i0,$i1)=("%rsi","%rdi");

deps/openssl/openssl/crypto/bn/asm/x86_64-mont5.pl

@@ -901,8 +901,8 @@ $code.=<<___;
 	jnz	.Lgather
 ___
 $code.=<<___ if ($win64);
-	movaps	%xmm6,(%rsp)
+	movaps	(%rsp),%xmm6
-	movaps	%xmm7,0x10(%rsp)
+	movaps	0x10(%rsp),%xmm7
 	lea	0x28(%rsp),%rsp
 ___
 $code.=<<___;

deps/openssl/openssl/crypto/bn/bn_nist.c

@@ -286,26 +286,25 @@ const BIGNUM *BN_get0_nist_prime_521(void)
 	}
 
 
-static void nist_cp_bn_0(BN_ULONG *buf, BN_ULONG *a, int top, int max)
+static void nist_cp_bn_0(BN_ULONG *dst, const BN_ULONG *src, int top, int max)
 	{
 	int i;
-	BN_ULONG *_tmp1 = (buf), *_tmp2 = (a);
 
 #ifdef BN_DEBUG
 	OPENSSL_assert(top <= max);
 #endif
-	for (i = (top); i != 0; i--)
+	for (i = 0; i < top; i++)
-		*_tmp1++ = *_tmp2++;
+		dst[i] = src[i];
-	for (i = (max) - (top); i != 0; i--)
+	for (; i < max; i++)
-		*_tmp1++ = (BN_ULONG) 0;
+		dst[i] = 0;
 	}
 
-static void nist_cp_bn(BN_ULONG *buf, BN_ULONG *a, int top)
+static void nist_cp_bn(BN_ULONG *dst, const BN_ULONG *src, int top)
 	{ 
 	int i;
-	BN_ULONG *_tmp1 = (buf), *_tmp2 = (a);
+
-	for (i = (top); i != 0; i--)
+	for (i = 0; i < top; i++)
-		*_tmp1++ = *_tmp2++;
+		dst[i] = src[i];
 	}
 
 #if BN_BITS2 == 64
@@ -451,8 +450,9 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 	 */
 	mask  = 0-(PTR_SIZE_INT)bn_sub_words(c_d,r_d,_nist_p_192[0],BN_NIST_192_TOP);
 	mask &= 0-(PTR_SIZE_INT)carry;
+	res   = c_d;
 	res   = (BN_ULONG *)
-	 (((PTR_SIZE_INT)c_d&~mask) | ((PTR_SIZE_INT)r_d&mask));
+	 (((PTR_SIZE_INT)res&~mask) | ((PTR_SIZE_INT)r_d&mask));
 	nist_cp_bn(r_d, res, BN_NIST_192_TOP);
 	r->top = BN_NIST_192_TOP;
 	bn_correct_top(r);
@@ -479,8 +479,11 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 	int	top = a->top, i;
 	int	carry;
 	BN_ULONG *r_d, *a_d = a->d;
-	BN_ULONG buf[BN_NIST_224_TOP],
+	union	{
-		 c_d[BN_NIST_224_TOP],
+		BN_ULONG	bn[BN_NIST_224_TOP];
+		unsigned int	ui[BN_NIST_224_TOP*sizeof(BN_ULONG)/sizeof(unsigned int)];
+		} buf;
+	BN_ULONG c_d[BN_NIST_224_TOP],
 		*res;
 	PTR_SIZE_INT mask;
 	union { bn_addsub_f f; PTR_SIZE_INT p; } u;
@@ -519,18 +522,18 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 	/* copy upper 256 bits of 448 bit number ... */
 	nist_cp_bn_0(c_d, a_d + (BN_NIST_224_TOP-1), top - (BN_NIST_224_TOP-1), BN_NIST_224_TOP);
 	/* ... and right shift by 32 to obtain upper 224 bits */
-	nist_set_224(buf, c_d, 14, 13, 12, 11, 10, 9, 8);
+	nist_set_224(buf.bn, c_d, 14, 13, 12, 11, 10, 9, 8);
 	/* truncate lower part to 224 bits too */
 	r_d[BN_NIST_224_TOP-1] &= BN_MASK2l;
 #else
-	nist_cp_bn_0(buf, a_d + BN_NIST_224_TOP, top - BN_NIST_224_TOP, BN_NIST_224_TOP);
+	nist_cp_bn_0(buf.bn, a_d + BN_NIST_224_TOP, top - BN_NIST_224_TOP, BN_NIST_224_TOP);
 #endif
 
 #if defined(NIST_INT64) && BN_BITS2!=64
 	{
 	NIST_INT64		acc;	/* accumulator */
 	unsigned int		*rp=(unsigned int *)r_d;
-	const unsigned int	*bp=(const unsigned int *)buf;
+	const unsigned int	*bp=(const unsigned int *)buf.ui;
 
 	acc  = rp[0];	acc -= bp[7-7];
 			acc -= bp[11-7]; rp[0] = (unsigned int)acc; acc >>= 32;
@@ -565,13 +568,13 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 	{
 	BN_ULONG t_d[BN_NIST_224_TOP];
 
-	nist_set_224(t_d, buf, 10, 9, 8, 7, 0, 0, 0);
+	nist_set_224(t_d, buf.bn, 10, 9, 8, 7, 0, 0, 0);
 	carry = (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP);
-	nist_set_224(t_d, buf, 0, 13, 12, 11, 0, 0, 0);
+	nist_set_224(t_d, buf.bn, 0, 13, 12, 11, 0, 0, 0);
 	carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP);
-	nist_set_224(t_d, buf, 13, 12, 11, 10, 9, 8, 7);
+	nist_set_224(t_d, buf.bn, 13, 12, 11, 10, 9, 8, 7);
 	carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP);
-	nist_set_224(t_d, buf, 0, 0, 0, 0, 13, 12, 11);
+	nist_set_224(t_d, buf.bn, 0, 0, 0, 0, 13, 12, 11);
 	carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP);
 
 #if BN_BITS2==64
@@ -606,7 +609,8 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 	/* otherwise it's effectively same as in BN_nist_mod_192... */
 	mask  = 0-(PTR_SIZE_INT)(*u.f)(c_d,r_d,_nist_p_224[0],BN_NIST_224_TOP);
 	mask &= 0-(PTR_SIZE_INT)carry;
-	res   = (BN_ULONG *)(((PTR_SIZE_INT)c_d&~mask) |
+	res   = c_d;
+	res   = (BN_ULONG *)(((PTR_SIZE_INT)res&~mask) |
 	 ((PTR_SIZE_INT)r_d&mask));
 	nist_cp_bn(r_d, res, BN_NIST_224_TOP);
 	r->top = BN_NIST_224_TOP;
@@ -805,7 +809,8 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 
 	mask  = 0-(PTR_SIZE_INT)(*u.f)(c_d,r_d,_nist_p_256[0],BN_NIST_256_TOP);
 	mask &= 0-(PTR_SIZE_INT)carry;
-	res   = (BN_ULONG *)(((PTR_SIZE_INT)c_d&~mask) |
+	res   = c_d;
+	res   = (BN_ULONG *)(((PTR_SIZE_INT)res&~mask) |
 	 ((PTR_SIZE_INT)r_d&mask));
 	nist_cp_bn(r_d, res, BN_NIST_256_TOP);
 	r->top = BN_NIST_256_TOP;
@@ -1026,7 +1031,8 @@ int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 
 	mask  = 0-(PTR_SIZE_INT)(*u.f)(c_d,r_d,_nist_p_384[0],BN_NIST_384_TOP);
 	mask &= 0-(PTR_SIZE_INT)carry;
-	res   = (BN_ULONG *)(((PTR_SIZE_INT)c_d&~mask) |
+	res   = c_d;
+	res   = (BN_ULONG *)(((PTR_SIZE_INT)res&~mask) |
 	 ((PTR_SIZE_INT)r_d&mask));
 	nist_cp_bn(r_d, res, BN_NIST_384_TOP);
 	r->top = BN_NIST_384_TOP;
@@ -1092,7 +1098,8 @@ int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 
 	bn_add_words(r_d,r_d,t_d,BN_NIST_521_TOP);
 	mask = 0-(PTR_SIZE_INT)bn_sub_words(t_d,r_d,_nist_p_521,BN_NIST_521_TOP);
-	res  = (BN_ULONG *)(((PTR_SIZE_INT)t_d&~mask) |
+	res  = t_d;
+	res  = (BN_ULONG *)(((PTR_SIZE_INT)res&~mask) |
 	 ((PTR_SIZE_INT)r_d&mask));
 	nist_cp_bn(r_d,res,BN_NIST_521_TOP);
 	r->top = BN_NIST_521_TOP;

deps/openssl/openssl/crypto/buffer/buffer.c

@@ -179,14 +179,14 @@ int BUF_MEM_grow_clean(BUF_MEM *str, size_t len)
 	return(len);
 	}
 
-void BUF_reverse(unsigned char *out, unsigned char *in, size_t size)
+void BUF_reverse(unsigned char *out, const unsigned char *in, size_t size)
 	{
 	size_t i;
 	if (in)
 		{
 		out += size - 1;
 		for (i = 0; i < size; i++)
-			*in++ = *out--;
+			*out-- = *in++;
 		}
 	else
 		{

deps/openssl/openssl/crypto/buffer/buffer.h

@@ -88,7 +88,7 @@ int	BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
 char *	BUF_strdup(const char *str);
 char *	BUF_strndup(const char *str, size_t siz);
 void *	BUF_memdup(const void *data, size_t siz);
-void	BUF_reverse(unsigned char *out, unsigned char *in, size_t siz);
+void	BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz);
 
 /* safe string functions */
 size_t BUF_strlcpy(char *dst,const char *src,size_t siz);

deps/openssl/openssl/crypto/ec/ec_ameth.c

@@ -88,7 +88,7 @@ static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key)
 		if (!pstr)
 			return 0;
 		pstr->length = i2d_ECParameters(ec_key, &pstr->data);
-		if (pstr->length < 0)
+		if (pstr->length <= 0)
 			{
 			ASN1_STRING_free(pstr);
 			ECerr(EC_F_ECKEY_PARAM2TYPE, ERR_R_EC_LIB);

deps/openssl/openssl/crypto/ec/ec_asn1.c

@@ -89,7 +89,8 @@ int EC_GROUP_get_trinomial_basis(const EC_GROUP *group, unsigned int *k)
 	if (group == NULL)
 		return 0;
 
-	if (EC_GROUP_method_of(group)->group_set_curve != ec_GF2m_simple_group_set_curve
+	if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
+	    NID_X9_62_characteristic_two_field
 	    || !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] == 0)))
 		{
 		ECerr(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
@@ -107,7 +108,8 @@ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *group, unsigned int *k1,
 	if (group == NULL)
 		return 0;
 
-	if (EC_GROUP_method_of(group)->group_set_curve != ec_GF2m_simple_group_set_curve
+	if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
+	    NID_X9_62_characteristic_two_field
 	    || !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] != 0) && (group->poly[3] != 0) && (group->poly[4] == 0)))
 		{
 		ECerr(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);

deps/openssl/openssl/crypto/ec/ec_lib.c

@@ -480,10 +480,10 @@ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx)
 	if (EC_METHOD_get_field_type(EC_GROUP_method_of(a)) !=
 	    EC_METHOD_get_field_type(EC_GROUP_method_of(b)))
 		return 1;
-	/* compare the curve name (if present) */
+	/* compare the curve name (if present in both) */
 	if (EC_GROUP_get_curve_name(a) && EC_GROUP_get_curve_name(b) &&
-	    EC_GROUP_get_curve_name(a) == EC_GROUP_get_curve_name(b))
+	    EC_GROUP_get_curve_name(a) != EC_GROUP_get_curve_name(b))
-		return 0;
+		return 1;
 
 	if (!ctx)
 		ctx_new = ctx = BN_CTX_new();
@@ -993,12 +993,12 @@ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN
 	if (group->meth->point_cmp == 0)
 		{
 		ECerr(EC_F_EC_POINT_CMP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
+		return -1;
 		}
 	if ((group->meth != a->meth) || (a->meth != b->meth))
 		{
 		ECerr(EC_F_EC_POINT_CMP, EC_R_INCOMPATIBLE_OBJECTS);
-		return 0;
+		return -1;
 		}
 	return group->meth->point_cmp(group, a, b, ctx);
 	}

deps/openssl/openssl/crypto/engine/eng_rdrand.c

@@ -104,6 +104,7 @@ static int bind_helper(ENGINE *e)
 	{
 	if (!ENGINE_set_id(e, engine_e_rdrand_id) ||
 	    !ENGINE_set_name(e, engine_e_rdrand_name) ||
+            !ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL) ||
 	    !ENGINE_set_init_function(e, rdrand_init) ||
 	    !ENGINE_set_RAND(e, &rdrand_meth) )
 		return 0;

deps/openssl/openssl/crypto/evp/Makefile

@@ -67,7 +67,7 @@ files:
 links:
 	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
 	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	[ ! -f $(TESTDATA) ] || cp $(TESTDATA) ../../test
+	@[ -f $(TESTDATA) ] && cp $(TESTDATA) ../../test && echo "$(TESTDATA) -> ../../test/$(TESTDATA)"
 	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
 
 install:

deps/openssl/openssl/crypto/evp/digest.c

@@ -366,8 +366,11 @@ int EVP_Digest(const void *data, size_t count,
 
 void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
 	{
-	EVP_MD_CTX_cleanup(ctx);
+	if (ctx)
-	OPENSSL_free(ctx);
+		{
+		EVP_MD_CTX_cleanup(ctx);
+		OPENSSL_free(ctx);
+		}
 	}
 
 /* This call frees resources associated with the context */

deps/openssl/openssl/crypto/evp/e_aes.c

@@ -842,7 +842,10 @@ static int aes_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 			gctx->ctr = NULL;
 			break;
 			}
+		else
 #endif
+		(void)0;	/* terminate potentially open 'else' */
+
 		AES_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks);
 		CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks, (block128_f)AES_encrypt);
 #ifdef AES_CTR_ASM
@@ -1083,14 +1086,17 @@ static int aes_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 			xctx->xts.block1 = (block128_f)vpaes_decrypt;
 			}
 
-		vpaes_set_encrypt_key(key + ctx->key_len/2,
+		    vpaes_set_encrypt_key(key + ctx->key_len/2,
 						ctx->key_len * 4, &xctx->ks2);
-		xctx->xts.block2 = (block128_f)vpaes_encrypt;
+		    xctx->xts.block2 = (block128_f)vpaes_encrypt;
 
-		xctx->xts.key1 = &xctx->ks1;
+		    xctx->xts.key1 = &xctx->ks1;
-		break;
+		    break;
-		}
+		    }
+		else
 #endif
+		(void)0;	/* terminate potentially open 'else' */
+
 		if (enc)
 			{
 			AES_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1);

deps/openssl/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c

@@ -328,10 +328,11 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 
 				if (res!=SHA_CBLOCK) continue;
 
-				mask = 0-((inp_len+8-j)>>(sizeof(j)*8-1));
+				/* j is not incremented yet */
+				mask = 0-((inp_len+7-j)>>(sizeof(j)*8-1));
 				data->u[SHA_LBLOCK-1] |= bitlen&mask;
 				sha1_block_data_order(&key->md,data,1);
-				mask &= 0-((j-inp_len-73)>>(sizeof(j)*8-1));
+				mask &= 0-((j-inp_len-72)>>(sizeof(j)*8-1));
 				pmac->u[0] |= key->md.h0 & mask;
 				pmac->u[1] |= key->md.h1 & mask;
 				pmac->u[2] |= key->md.h2 & mask;

deps/openssl/openssl/crypto/evp/e_des3.c

@@ -101,7 +101,7 @@ static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 			      const unsigned char *in, size_t inl)
 {
-	if (inl>=EVP_MAXCHUNK)
+	while (inl>=EVP_MAXCHUNK)
 		{
 		DES_ede3_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK,
 			       &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
@@ -132,7 +132,7 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 	printf("\n");
 	}
 #endif    /* KSSL_DEBUG */
-	if (inl>=EVP_MAXCHUNK)
+	while (inl>=EVP_MAXCHUNK)
 		{
 		DES_ede3_cbc_encrypt(in, out, (long)EVP_MAXCHUNK,
 			     &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
@@ -151,7 +151,7 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 static int des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 			      const unsigned char *in, size_t inl)
 {
-	if (inl>=EVP_MAXCHUNK)
+	while (inl>=EVP_MAXCHUNK)
 		{
 		DES_ede3_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK, 
 			       &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,

deps/openssl/openssl/crypto/evp/p5_crpt2.c

@@ -85,19 +85,24 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
 	unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
 	int cplen, j, k, tkeylen, mdlen;
 	unsigned long i = 1;
-	HMAC_CTX hctx;
+	HMAC_CTX hctx_tpl, hctx;
 
 	mdlen = EVP_MD_size(digest);
 	if (mdlen < 0)
 		return 0;
 
-	HMAC_CTX_init(&hctx);
+	HMAC_CTX_init(&hctx_tpl);
 	p = out;
 	tkeylen = keylen;
 	if(!pass)
 		passlen = 0;
 	else if(passlen == -1)
 		passlen = strlen(pass);
+	if (!HMAC_Init_ex(&hctx_tpl, pass, passlen, digest, NULL))
+		{
+		HMAC_CTX_cleanup(&hctx_tpl);
+		return 0;
+		}
 	while(tkeylen)
 		{
 		if(tkeylen > mdlen)
@@ -111,19 +116,36 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
 		itmp[1] = (unsigned char)((i >> 16) & 0xff);
 		itmp[2] = (unsigned char)((i >> 8) & 0xff);
 		itmp[3] = (unsigned char)(i & 0xff);
-		if (!HMAC_Init_ex(&hctx, pass, passlen, digest, NULL)
+		if (!HMAC_CTX_copy(&hctx, &hctx_tpl))
-			|| !HMAC_Update(&hctx, salt, saltlen)
-			|| !HMAC_Update(&hctx, itmp, 4)
-			|| !HMAC_Final(&hctx, digtmp, NULL))
 			{
+			HMAC_CTX_cleanup(&hctx_tpl);
+			return 0;
+			}
+		if (!HMAC_Update(&hctx, salt, saltlen)
+		    || !HMAC_Update(&hctx, itmp, 4)
+		    || !HMAC_Final(&hctx, digtmp, NULL))
+			{
+			HMAC_CTX_cleanup(&hctx_tpl);
 			HMAC_CTX_cleanup(&hctx);
 			return 0;
 			}
+		HMAC_CTX_cleanup(&hctx);
 		memcpy(p, digtmp, cplen);
 		for(j = 1; j < iter; j++)
 			{
-			HMAC(digest, pass, passlen,
+			if (!HMAC_CTX_copy(&hctx, &hctx_tpl))
-				 digtmp, mdlen, digtmp, NULL);
+				{
+				HMAC_CTX_cleanup(&hctx_tpl);
+				return 0;
+				}
+			if (!HMAC_Update(&hctx, digtmp, mdlen)
+			    || !HMAC_Final(&hctx, digtmp, NULL))
+				{
+				HMAC_CTX_cleanup(&hctx_tpl);
+				HMAC_CTX_cleanup(&hctx);
+				return 0;
+				}
+			HMAC_CTX_cleanup(&hctx);
 			for(k = 0; k < cplen; k++)
 				p[k] ^= digtmp[k];
 			}
@@ -131,7 +153,7 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
 		i++;
 		p+= cplen;
 		}
-	HMAC_CTX_cleanup(&hctx);
+	HMAC_CTX_cleanup(&hctx_tpl);
 #ifdef DEBUG_PKCS5V2
 	fprintf(stderr, "Password:\n");
 	h__dump (pass, passlen);

deps/openssl/openssl/crypto/modes/Makefile

@@ -53,7 +53,10 @@ ghash-x86_64.s:	asm/ghash-x86_64.pl
 ghash-sparcv9.s:	asm/ghash-sparcv9.pl
 	$(PERL) asm/ghash-sparcv9.pl $@ $(CFLAGS)
 ghash-alpha.s:	asm/ghash-alpha.pl
-	$(PERL) $< | $(CC) -E - | tee $@ > /dev/null
+	(preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
+	$(PERL) asm/ghash-alpha.pl > $$preproc && \
+	$(CC) -E $$preproc > $@ && rm $$preproc)
+
 ghash-parisc.s:	asm/ghash-parisc.pl
 	$(PERL) asm/ghash-parisc.pl $(PERLASM_SCHEME) $@
 

deps/openssl/openssl/crypto/modes/asm/ghash-alpha.pl

@@ -266,8 +266,8 @@ gcm_gmult_4bit:
 	ldq	$Xlo,8($Xi)
 	ldq	$Xhi,0($Xi)
 
-	br	$rem_4bit,.Lpic1
+	bsr	$t0,picmeup
-.Lpic1:	lda	$rem_4bit,rem_4bit-.Lpic1($rem_4bit)
+	nop
 ___
 
 	&loop();
@@ -341,8 +341,8 @@ gcm_ghash_4bit:
 	ldq	$Xhi,0($Xi)
 	ldq	$Xlo,8($Xi)
 
-	br	$rem_4bit,.Lpic2
+	bsr	$t0,picmeup
-.Lpic2:	lda	$rem_4bit,rem_4bit-.Lpic2($rem_4bit)
+	nop
 
 .Louter:
 	extql	$inhi,$inp,$inhi
@@ -436,11 +436,20 @@ $code.=<<___;
 .end	gcm_ghash_4bit
 
 .align	4
+.ent	picmeup
+picmeup:
+	.frame	sp,0,$t0
+	.prologue 0
+	br	$rem_4bit,.Lpic
+.Lpic:	lda	$rem_4bit,12($rem_4bit)
+	ret	($t0)
+.end	picmeup
+	nop
 rem_4bit:
-	.quad	0x0000<<48, 0x1C20<<48, 0x3840<<48, 0x2460<<48
+	.long	0,0x0000<<16, 0,0x1C20<<16, 0,0x3840<<16, 0,0x2460<<16
-	.quad	0x7080<<48, 0x6CA0<<48, 0x48C0<<48, 0x54E0<<48
+	.long	0,0x7080<<16, 0,0x6CA0<<16, 0,0x48C0<<16, 0,0x54E0<<16
-	.quad	0xE100<<48, 0xFD20<<48, 0xD940<<48, 0xC560<<48
+	.long	0,0xE100<<16, 0,0xFD20<<16, 0,0xD940<<16, 0,0xC560<<16
-	.quad	0x9180<<48, 0x8DA0<<48, 0xA9C0<<48, 0xB5E0<<48
+	.long	0,0x9180<<16, 0,0x8DA0<<16, 0,0xA9C0<<16, 0,0xB5E0<<16
 .ascii	"GHASH for Alpha, CRYPTOGAMS by <appro\@openssl.org>"
 .align	4
 

deps/openssl/openssl/crypto/modes/asm/ghash-parisc.pl

@@ -724,6 +724,7 @@ foreach (split("\n",$code)) {
 		s/cmpb,\*/comb,/;
 		s/,\*/,/;
 	}
+	s/\bbv\b/bve/	if ($SIZE_T==8);
 	print $_,"\n";
 }
 

deps/openssl/openssl/crypto/modes/cbc128.c

@@ -117,7 +117,7 @@ void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
 			unsigned char ivec[16], block128_f block)
 {
 	size_t n;
-	union { size_t align; unsigned char c[16]; } tmp;
+	union { size_t t[16/sizeof(size_t)]; unsigned char c[16]; } tmp;
 
 	assert(in && out && key && ivec);
 
@@ -137,11 +137,13 @@ void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
 				out += 16;
 			}
 		}
-		else {
+		else  if (16%sizeof(size_t) == 0) { /* always true */
 			while (len>=16) {
+				size_t *out_t=(size_t *)out, *iv_t=(size_t *)iv;
+
 				(*block)(in, out, key);
-				for(n=0; n<16; n+=sizeof(size_t))
+				for(n=0; n<16/sizeof(size_t); n++)
-					*(size_t *)(out+n) ^= *(size_t *)(iv+n);
+					out_t[n] ^= iv_t[n];
 				iv = in;
 				len -= 16;
 				in  += 16;
@@ -165,15 +167,16 @@ void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
 				out += 16;
 			}
 		}
-		else {
+		else if (16%sizeof(size_t) == 0) { /* always true */
-			size_t c;
 			while (len>=16) {
+				size_t c, *out_t=(size_t *)out, *ivec_t=(size_t *)ivec;
+				const size_t *in_t=(const size_t *)in;
+
 				(*block)(in, tmp.c, key);
-				for(n=0; n<16; n+=sizeof(size_t)) {
+				for(n=0; n<16/sizeof(size_t); n++) {
-					c = *(size_t *)(in+n);
+					c = in_t[n];
-					*(size_t *)(out+n) =
+					out_t[n] = tmp.t[n] ^ ivec_t[n];
-					*(size_t *)(tmp.c+n) ^ *(size_t *)(ivec+n);
+					ivec_t[n] = c;
-					*(size_t *)(ivec+n) = c;
 				}
 				len -= 16;
 				in  += 16;

deps/openssl/openssl/crypto/modes/ccm128.c

@@ -87,7 +87,7 @@ int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx,
 		ctx->nonce.c[11] = (u8)(mlen>>(32%(sizeof(mlen)*8)));
 	}
 	else
-		*(u32*)(&ctx->nonce.c[8]) = 0;
+		ctx->nonce.u[1] = 0;
 
 	ctx->nonce.c[12] = (u8)(mlen>>24);
 	ctx->nonce.c[13] = (u8)(mlen>>16);

deps/openssl/openssl/crypto/modes/cts128.c

@@ -108,12 +108,8 @@ size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
 	(*cbc)(in,out-16,residue,key,ivec,1);
 	memcpy(out,tmp.c,residue);
 #else
-	{
+	memset(tmp.c,0,sizeof(tmp));
-	size_t n;
-	for (n=0; n<16; n+=sizeof(size_t))
-		*(size_t *)(tmp.c+n) = 0;
 	memcpy(tmp.c,in,residue);
-	}
 	memcpy(out,out-16,residue);
 	(*cbc)(tmp.c,out-16,16,key,ivec,1);
 #endif
@@ -144,12 +140,8 @@ size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
 #if defined(CBC_HANDLES_TRUNCATED_IO)
 	(*cbc)(in,out-16+residue,residue,key,ivec,1);
 #else
-	{
+	memset(tmp.c,0,sizeof(tmp));
-	size_t n;
-	for (n=0; n<16; n+=sizeof(size_t))
-		*(size_t *)(tmp.c+n) = 0;
 	memcpy(tmp.c,in,residue);
-	}
 	(*cbc)(tmp.c,out-16+residue,16,key,ivec,1);
 #endif
 	return len+residue;
@@ -177,8 +169,7 @@ size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out,
 
 	(*block)(in,tmp.c+16,key);
 
-	for (n=0; n<16; n+=sizeof(size_t))
+	memcpy(tmp.c,tmp.c+16,16);
-		*(size_t *)(tmp.c+n) = *(size_t *)(tmp.c+16+n);
 	memcpy(tmp.c,in+16,residue);
 	(*block)(tmp.c,tmp.c,key);
 
@@ -220,8 +211,7 @@ size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in, unsigned char *o
 
 	(*block)(in+residue,tmp.c+16,key);
 
-	for (n=0; n<16; n+=sizeof(size_t))
+	memcpy(tmp.c,tmp.c+16,16);
-		*(size_t *)(tmp.c+n) = *(size_t *)(tmp.c+16+n);
 	memcpy(tmp.c,in,residue);
 	(*block)(tmp.c,tmp.c,key);
 
@@ -240,7 +230,7 @@ size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in, unsigned char *o
 size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
 			size_t len, const void *key,
 			unsigned char ivec[16], cbc128_f cbc)
-{	size_t residue, n;
+{	size_t residue;
 	union { size_t align; unsigned char c[32]; } tmp;
 
 	assert (in && out && key && ivec);
@@ -257,8 +247,7 @@ size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
 		out += len;
 	}
 
-	for (n=16; n<32; n+=sizeof(size_t))
+	memset(tmp.c,0,sizeof(tmp));
-		*(size_t *)(tmp.c+n) = 0;
 	/* this places in[16] at &tmp.c[16] and decrypted block at &tmp.c[0] */
 	(*cbc)(in,tmp.c,16,key,tmp.c+16,0);
 
@@ -275,7 +264,7 @@ size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
 size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
 			size_t len, const void *key,
 			unsigned char ivec[16], cbc128_f cbc)
-{	size_t residue, n;
+{	size_t residue;
 	union { size_t align; unsigned char c[32]; } tmp;
 
 	assert (in && out && key && ivec);
@@ -297,8 +286,7 @@ size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
 		out += len;
 	}
 
-	for (n=16; n<32; n+=sizeof(size_t))
+	memset(tmp.c,0,sizeof(tmp));
-		*(size_t *)(tmp.c+n) = 0;
 	/* this places in[16] at &tmp.c[16] and decrypted block at &tmp.c[0] */
 	(*cbc)(in+residue,tmp.c,16,key,tmp.c+16,0);
 

deps/openssl/openssl/crypto/modes/gcm128.c

@@ -941,15 +941,17 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
 		    size_t j=GHASH_CHUNK;
 
 		    while (j) {
+		    	size_t *out_t=(size_t *)out;
+		    	const size_t *in_t=(const size_t *)in;
+
 			(*block)(ctx->Yi.c,ctx->EKi.c,key);
 			++ctr;
 			if (is_endian.little)
 				PUTU32(ctx->Yi.c+12,ctr);
 			else
 				ctx->Yi.d[3] = ctr;
-			for (i=0; i<16; i+=sizeof(size_t))
+			for (i=0; i<16/sizeof(size_t); ++i)
-				*(size_t *)(out+i) =
+				out_t[i] = in_t[i] ^ ctx->EKi.t[i];
-				*(size_t *)(in+i)^*(size_t *)(ctx->EKi.c+i);
 			out += 16;
 			in  += 16;
 			j   -= 16;
@@ -961,15 +963,17 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
 		    size_t j=i;
 
 		    while (len>=16) {
+		    	size_t *out_t=(size_t *)out;
+		    	const size_t *in_t=(const size_t *)in;
+
 			(*block)(ctx->Yi.c,ctx->EKi.c,key);
 			++ctr;
 			if (is_endian.little)
 				PUTU32(ctx->Yi.c+12,ctr);
 			else
 				ctx->Yi.d[3] = ctr;
-			for (i=0; i<16; i+=sizeof(size_t))
+			for (i=0; i<16/sizeof(size_t); ++i)
-				*(size_t *)(out+i) =
+				out_t[i] = in_t[i] ^ ctx->EKi.t[i];
-				*(size_t *)(in+i)^*(size_t *)(ctx->EKi.c+i);
 			out += 16;
 			in  += 16;
 			len -= 16;
@@ -978,16 +982,18 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
 		}
 #else
 		while (len>=16) {
+		    	size_t *out_t=(size_t *)out;
+		    	const size_t *in_t=(const size_t *)in;
+
 			(*block)(ctx->Yi.c,ctx->EKi.c,key);
 			++ctr;
 			if (is_endian.little)
 				PUTU32(ctx->Yi.c+12,ctr);
 			else
 				ctx->Yi.d[3] = ctr;
-			for (i=0; i<16; i+=sizeof(size_t))
+			for (i=0; i<16/sizeof(size_t); ++i)
-				*(size_t *)(ctx->Xi.c+i) ^=
+				ctx->Xi.t[i] ^=
-				*(size_t *)(out+i) =
+				out_t[i] = in_t[i]^ctx->EKi.t[i];
-				*(size_t *)(in+i)^*(size_t *)(ctx->EKi.c+i);
 			GCM_MUL(ctx,Xi);
 			out += 16;
 			in  += 16;
@@ -1091,15 +1097,17 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
 
 		    GHASH(ctx,in,GHASH_CHUNK);
 		    while (j) {
+		    	size_t *out_t=(size_t *)out;
+		    	const size_t *in_t=(const size_t *)in;
+
 			(*block)(ctx->Yi.c,ctx->EKi.c,key);
 			++ctr;
 			if (is_endian.little)
 				PUTU32(ctx->Yi.c+12,ctr);
 			else
 				ctx->Yi.d[3] = ctr;
-			for (i=0; i<16; i+=sizeof(size_t))
+			for (i=0; i<16/sizeof(size_t); ++i)
-				*(size_t *)(out+i) =
+				out_t[i] = in_t[i]^ctx->EKi.t[i];
-				*(size_t *)(in+i)^*(size_t *)(ctx->EKi.c+i);
 			out += 16;
 			in  += 16;
 			j   -= 16;
@@ -1109,15 +1117,17 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
 		if ((i = (len&(size_t)-16))) {
 		    GHASH(ctx,in,i);
 		    while (len>=16) {
+		    	size_t *out_t=(size_t *)out;
+		    	const size_t *in_t=(const size_t *)in;
+
 			(*block)(ctx->Yi.c,ctx->EKi.c,key);
 			++ctr;
 			if (is_endian.little)
 				PUTU32(ctx->Yi.c+12,ctr);
 			else
 				ctx->Yi.d[3] = ctr;
-			for (i=0; i<16; i+=sizeof(size_t))
+			for (i=0; i<16/sizeof(size_t); ++i)
-				*(size_t *)(out+i) =
+				out_t[i] = in_t[i]^ctx->EKi.t[i];
-				*(size_t *)(in+i)^*(size_t *)(ctx->EKi.c+i);
 			out += 16;
 			in  += 16;
 			len -= 16;
@@ -1125,16 +1135,19 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
 		}
 #else
 		while (len>=16) {
+		    	size_t *out_t=(size_t *)out;
+		    	const size_t *in_t=(const size_t *)in;
+
 			(*block)(ctx->Yi.c,ctx->EKi.c,key);
 			++ctr;
 			if (is_endian.little)
 				PUTU32(ctx->Yi.c+12,ctr);
 			else
 				ctx->Yi.d[3] = ctr;
-			for (i=0; i<16; i+=sizeof(size_t)) {
+			for (i=0; i<16/sizeof(size_t); ++i) {
-				size_t c = *(size_t *)(in+i);
+				size_t c = in[i];
-				*(size_t *)(out+i) = c^*(size_t *)(ctx->EKi.c+i);
+				out[i] = c^ctx->EKi.t[i];
-				*(size_t *)(ctx->Xi.c+i) ^= c;
+				ctx->Xi.t[i] ^= c;
 			}
 			GCM_MUL(ctx,Xi);
 			out += 16;
@@ -1669,6 +1682,46 @@ static const u8	IV18[]={0x93,0x13,0x22,0x5d,0xf8,0x84,0x06,0xe5,0x55,0x90,0x9c,0
 			0xa2,0x41,0x89,0x97,0x20,0x0e,0xf8,0x2e,0x44,0xae,0x7e,0x3f},
 		T18[]= {0xa4,0x4a,0x82,0x66,0xee,0x1c,0x8e,0xb0,0xc8,0xb5,0xd4,0xcf,0x5a,0xe9,0xf1,0x9a};
 
+/* Test Case 19 */
+#define K19 K1
+#define P19 P1
+#define IV19 IV1
+#define C19 C1
+static const u8 A19[]= {0xd9,0x31,0x32,0x25,0xf8,0x84,0x06,0xe5,0xa5,0x59,0x09,0xc5,0xaf,0xf5,0x26,0x9a,
+			0x86,0xa7,0xa9,0x53,0x15,0x34,0xf7,0xda,0x2e,0x4c,0x30,0x3d,0x8a,0x31,0x8a,0x72,
+			0x1c,0x3c,0x0c,0x95,0x95,0x68,0x09,0x53,0x2f,0xcf,0x0e,0x24,0x49,0xa6,0xb5,0x25,
+			0xb1,0x6a,0xed,0xf5,0xaa,0x0d,0xe6,0x57,0xba,0x63,0x7b,0x39,0x1a,0xaf,0xd2,0x55,
+			0x52,0x2d,0xc1,0xf0,0x99,0x56,0x7d,0x07,0xf4,0x7f,0x37,0xa3,0x2a,0x84,0x42,0x7d,
+			0x64,0x3a,0x8c,0xdc,0xbf,0xe5,0xc0,0xc9,0x75,0x98,0xa2,0xbd,0x25,0x55,0xd1,0xaa,
+			0x8c,0xb0,0x8e,0x48,0x59,0x0d,0xbb,0x3d,0xa7,0xb0,0x8b,0x10,0x56,0x82,0x88,0x38,
+			0xc5,0xf6,0x1e,0x63,0x93,0xba,0x7a,0x0a,0xbc,0xc9,0xf6,0x62,0x89,0x80,0x15,0xad},
+		T19[]= {0x5f,0xea,0x79,0x3a,0x2d,0x6f,0x97,0x4d,0x37,0xe6,0x8e,0x0c,0xb8,0xff,0x94,0x92};
+
+/* Test Case 20 */
+#define K20 K1
+#define A20 A1
+static const u8 IV20[64]={0xff,0xff,0xff,0xff},	/* this results in 0xff in counter LSB */
+		P20[288],
+		C20[]= {0x56,0xb3,0x37,0x3c,0xa9,0xef,0x6e,0x4a,0x2b,0x64,0xfe,0x1e,0x9a,0x17,0xb6,0x14,
+			0x25,0xf1,0x0d,0x47,0xa7,0x5a,0x5f,0xce,0x13,0xef,0xc6,0xbc,0x78,0x4a,0xf2,0x4f,
+			0x41,0x41,0xbd,0xd4,0x8c,0xf7,0xc7,0x70,0x88,0x7a,0xfd,0x57,0x3c,0xca,0x54,0x18,
+			0xa9,0xae,0xff,0xcd,0x7c,0x5c,0xed,0xdf,0xc6,0xa7,0x83,0x97,0xb9,0xa8,0x5b,0x49,
+			0x9d,0xa5,0x58,0x25,0x72,0x67,0xca,0xab,0x2a,0xd0,0xb2,0x3c,0xa4,0x76,0xa5,0x3c,
+			0xb1,0x7f,0xb4,0x1c,0x4b,0x8b,0x47,0x5c,0xb4,0xf3,0xf7,0x16,0x50,0x94,0xc2,0x29,
+			0xc9,0xe8,0xc4,0xdc,0x0a,0x2a,0x5f,0xf1,0x90,0x3e,0x50,0x15,0x11,0x22,0x13,0x76,
+			0xa1,0xcd,0xb8,0x36,0x4c,0x50,0x61,0xa2,0x0c,0xae,0x74,0xbc,0x4a,0xcd,0x76,0xce,
+			0xb0,0xab,0xc9,0xfd,0x32,0x17,0xef,0x9f,0x8c,0x90,0xbe,0x40,0x2d,0xdf,0x6d,0x86,
+			0x97,0xf4,0xf8,0x80,0xdf,0xf1,0x5b,0xfb,0x7a,0x6b,0x28,0x24,0x1e,0xc8,0xfe,0x18,
+			0x3c,0x2d,0x59,0xe3,0xf9,0xdf,0xff,0x65,0x3c,0x71,0x26,0xf0,0xac,0xb9,0xe6,0x42,
+			0x11,0xf4,0x2b,0xae,0x12,0xaf,0x46,0x2b,0x10,0x70,0xbe,0xf1,0xab,0x5e,0x36,0x06,
+			0x87,0x2c,0xa1,0x0d,0xee,0x15,0xb3,0x24,0x9b,0x1a,0x1b,0x95,0x8f,0x23,0x13,0x4c,
+			0x4b,0xcc,0xb7,0xd0,0x32,0x00,0xbc,0xe4,0x20,0xa2,0xf8,0xeb,0x66,0xdc,0xf3,0x64,
+			0x4d,0x14,0x23,0xc1,0xb5,0x69,0x90,0x03,0xc1,0x3e,0xce,0xf4,0xbf,0x38,0xa3,0xb6,
+			0x0e,0xed,0xc3,0x40,0x33,0xba,0xc1,0x90,0x27,0x83,0xdc,0x6d,0x89,0xe2,0xe7,0x74,
+			0x18,0x8a,0x43,0x9c,0x7e,0xbc,0xc0,0x67,0x2d,0xbd,0xa4,0xdd,0xcf,0xb2,0x79,0x46,
+			0x13,0xb0,0xbe,0x41,0x31,0x5e,0xf7,0x78,0x70,0x8a,0x70,0xee,0x7d,0x75,0x16,0x5c},
+		T20[]= {0x8b,0x30,0x7f,0x6b,0x33,0x28,0x6d,0x0a,0xb0,0x26,0xa9,0xed,0x3f,0xe1,0xe8,0x5f};
+
 #define TEST_CASE(n)	do {					\
 	u8 out[sizeof(P##n)];					\
 	AES_set_encrypt_key(K##n,sizeof(K##n)*8,&key);		\
@@ -1713,6 +1766,8 @@ int main()
 	TEST_CASE(16);
 	TEST_CASE(17);
 	TEST_CASE(18);
+	TEST_CASE(19);
+	TEST_CASE(20);
 
 #ifdef OPENSSL_CPUID_OBJ
 	{
@@ -1743,11 +1798,16 @@ int main()
 			ctr_t/(double)sizeof(buf),
 			(gcm_t-ctr_t)/(double)sizeof(buf));
 #ifdef GHASH
-	GHASH(&ctx,buf.c,sizeof(buf));
+	{
+	void (*gcm_ghash_p)(u64 Xi[2],const u128 Htable[16],
+				const u8 *inp,size_t len)	= ctx.ghash;
+
+	GHASH((&ctx),buf.c,sizeof(buf));
 	start = OPENSSL_rdtsc();
-	for (i=0;i<100;++i) GHASH(&ctx,buf.c,sizeof(buf));
+	for (i=0;i<100;++i) GHASH((&ctx),buf.c,sizeof(buf));
 	gcm_t = OPENSSL_rdtsc() - start;
 	printf("%.2f\n",gcm_t/(double)sizeof(buf)/(double)i);
+	}
 #endif
 	}
 #endif

deps/openssl/openssl/crypto/modes/modes_lcl.h

@@ -29,10 +29,7 @@ typedef unsigned char u8;
 #if defined(__i386)	|| defined(__i386__)	|| \
     defined(__x86_64)	|| defined(__x86_64__)	|| \
     defined(_M_IX86)	|| defined(_M_AMD64)	|| defined(_M_X64) || \
-    defined(__s390__)	|| defined(__s390x__)	|| \
+    defined(__s390__)	|| defined(__s390x__)
-    ( (defined(__arm__)	|| defined(__arm)) && \
-      (defined(__ARM_ARCH_7__)	|| defined(__ARM_ARCH_7A__) || \
-       defined(__ARM_ARCH_7R__)	|| defined(__ARM_ARCH_7M__)) )
 # undef STRICT_ALIGNMENT
 #endif
 
@@ -101,8 +98,8 @@ typedef struct { u64 hi,lo; } u128;
 
 struct gcm128_context {
 	/* Following 6 names follow names in GCM specification */
-	union { u64 u[2]; u32 d[4]; u8 c[16]; }	Yi,EKi,EK0,len,
+	union { u64 u[2]; u32 d[4]; u8 c[16]; size_t t[16/sizeof(size_t)]; }
-						Xi,H;
+	  Yi,EKi,EK0,len,Xi,H;
 	/* Relative position of Xi, H and pre-computed Htable is used
 	 * in some assembler modules, i.e. don't change the order! */
 #if TABLE_BITS==8

deps/openssl/openssl/crypto/opensslv.h

@@ -25,11 +25,11 @@
  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
  *  major minor fix final patch/beta)
  */
-#define OPENSSL_VERSION_NUMBER	0x1000105fL
+#define OPENSSL_VERSION_NUMBER	0x1000106fL
 #ifdef OPENSSL_FIPS
-#define OPENSSL_VERSION_TEXT	"OpenSSL 1.0.1e-fips 11 Feb 2013"
+#define OPENSSL_VERSION_TEXT	"OpenSSL 1.0.1f-fips 6 Jan 2014"
 #else
-#define OPENSSL_VERSION_TEXT	"OpenSSL 1.0.1e 11 Feb 2013"
+#define OPENSSL_VERSION_TEXT	"OpenSSL 1.0.1f 6 Jan 2014"
 #endif
 #define OPENSSL_VERSION_PTEXT	" part of " OPENSSL_VERSION_TEXT
 

deps/openssl/openssl/crypto/pariscid.pl

@@ -97,33 +97,33 @@ OPENSSL_cleanse
 	.PROC
 	.CALLINFO	NO_CALLS
 	.ENTRY
-	cmpib,*=	0,$len,Ldone
+	cmpib,*=	0,$len,L\$done
 	nop
-	cmpib,*>>=	15,$len,Little
+	cmpib,*>>=	15,$len,L\$ittle
 	ldi		$SIZE_T-1,%r1
 
-Lalign
+L\$align
 	and,*<>		$inp,%r1,%r28
-	b,n		Laligned
+	b,n		L\$aligned
 	stb		%r0,0($inp)
 	ldo		-1($len),$len
-	b		Lalign
+	b		L\$align
 	ldo		1($inp),$inp
 
-Laligned
+L\$aligned
 	andcm		$len,%r1,%r28
-Lot
+L\$ot
 	$ST		%r0,0($inp)
-	addib,*<>	-$SIZE_T,%r28,Lot
+	addib,*<>	-$SIZE_T,%r28,L\$ot
 	ldo		$SIZE_T($inp),$inp
 
 	and,*<>		$len,%r1,$len
-	b,n		Ldone
+	b,n		L\$done
-Little
+L\$ittle
 	stb		%r0,0($inp)
-	addib,*<>	-1,$len,Little
+	addib,*<>	-1,$len,L\$ittle
 	ldo		1($inp),$inp
-Ldone
+L\$done
 	bv		($rp)
 	.EXIT
 	nop
@@ -151,7 +151,7 @@ OPENSSL_instrument_bus
 	ldw		0($out),$tick
 	add		$diff,$tick,$tick
 	stw		$tick,0($out)
-Loop
+L\$oop
 	mfctl		%cr16,$tick
 	sub		$tick,$lasttick,$diff
 	copy		$tick,$lasttick
@@ -161,7 +161,7 @@ Loop
 	add		$diff,$tick,$tick
 	stw		$tick,0($out)
 
-	addib,<>	-1,$cnt,Loop
+	addib,<>	-1,$cnt,L\$oop
 	addi		4,$out,$out
 
 	bv		($rp)
@@ -190,14 +190,14 @@ OPENSSL_instrument_bus2
 	mfctl		%cr16,$tick
 	sub		$tick,$lasttick,$diff
 	copy		$tick,$lasttick
-Loop2
+L\$oop2
 	copy		$diff,$lastdiff
 	fdc		0($out)
 	ldw		0($out),$tick
 	add		$diff,$tick,$tick
 	stw		$tick,0($out)
 
-	addib,=		-1,$max,Ldone2
+	addib,=		-1,$max,L\$done2
 	nop
 
 	mfctl		%cr16,$tick
@@ -208,17 +208,18 @@ Loop2
 
 	ldi		1,%r1
 	xor		%r1,$tick,$tick
-	addb,<>		$tick,$cnt,Loop2
+	addb,<>		$tick,$cnt,L\$oop2
 	shladd,l	$tick,2,$out,$out
-Ldone2
+L\$done2
 	bv		($rp)
 	.EXIT
 	add		$rv,$cnt,$rv
 	.PROCEND
 ___
 }
-$code =~ s/cmpib,\*/comib,/gm if ($SIZE_T==4);
+$code =~ s/cmpib,\*/comib,/gm	if ($SIZE_T==4);
-$code =~ s/,\*/,/gm if ($SIZE_T==4);
+$code =~ s/,\*/,/gm		if ($SIZE_T==4);
+$code =~ s/\bbv\b/bve/gm	if ($SIZE_T==8);
 print $code;
 close STDOUT;
 

deps/openssl/openssl/crypto/pem/pem_info.c

@@ -167,6 +167,7 @@ start:
 #ifndef OPENSSL_NO_RSA
 			if (strcmp(name,PEM_STRING_RSA) == 0)
 			{
+			d2i=(D2I_OF(void))d2i_RSAPrivateKey;
 			if (xi->x_pkey != NULL) 
 				{
 				if (!sk_X509_INFO_push(ret,xi)) goto err;

deps/openssl/openssl/crypto/perlasm/x86masm.pl

@@ -80,7 +80,7 @@ TITLE	$_[0].asm
 IF \@Version LT 800
 ECHO MASM version 8.00 or later is strongly recommended.
 ENDIF
-.686
+.486
 .MODEL	FLAT
 OPTION	DOTNAME
 IF \@Version LT 800

deps/openssl/openssl/crypto/pkcs12/p12_crt.c

@@ -90,7 +90,14 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
 
 	/* Set defaults */
 	if (!nid_cert)
+		{
+#ifdef OPENSSL_FIPS
+		if (FIPS_mode())
+			nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+		else
+#endif
 		nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC;
+		}
 	if (!nid_key)
 		nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
 	if (!iter)

deps/openssl/openssl/crypto/rand/md_rand.c

@@ -380,8 +380,11 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo)
 	 * are fed into the hash function and the results are kept in the
 	 * global 'md'.
 	 */
-
+#ifdef OPENSSL_FIPS
-	CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+	/* NB: in FIPS mode we are already under a lock */
+	if (!FIPS_mode())
+#endif
+		CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 
 	/* prevent ssleay_rand_bytes() from trying to obtain the lock again */
 	CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
@@ -460,7 +463,10 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo)
 
 	/* before unlocking, we must clear 'crypto_lock_rand' */
 	crypto_lock_rand = 0;
-	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+#ifdef OPENSSL_FIPS
+	if (!FIPS_mode())
+#endif
+		CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 
 	while (num > 0)
 		{
@@ -512,10 +518,16 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo)
 	MD_Init(&m);
 	MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
 	MD_Update(&m,local_md,MD_DIGEST_LENGTH);
-	CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+#ifdef OPENSSL_FIPS
+	if (!FIPS_mode())
+#endif
+		CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 	MD_Update(&m,md,MD_DIGEST_LENGTH);
 	MD_Final(&m,md);
-	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+#ifdef OPENSSL_FIPS
+	if (!FIPS_mode())
+#endif
+		CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 
 	EVP_MD_CTX_cleanup(&m);
 	if (ok)

deps/openssl/openssl/crypto/rand/rand.h

@@ -138,6 +138,7 @@ void ERR_load_RAND_strings(void);
 #define RAND_F_SSLEAY_RAND_BYTES			 100
 
 /* Reason codes. */
+#define RAND_R_DUAL_EC_DRBG_DISABLED			 104
 #define RAND_R_ERROR_INITIALISING_DRBG			 102
 #define RAND_R_ERROR_INSTANTIATING_DRBG			 103
 #define RAND_R_NO_FIPS_RANDOM_METHOD_SET		 101

deps/openssl/openssl/crypto/rand/rand_err.c

@@ -78,6 +78,7 @@ static ERR_STRING_DATA RAND_str_functs[]=
 
 static ERR_STRING_DATA RAND_str_reasons[]=
 	{
+{ERR_REASON(RAND_R_DUAL_EC_DRBG_DISABLED),"dual ec drbg disabled"},
 {ERR_REASON(RAND_R_ERROR_INITIALISING_DRBG),"error initialising drbg"},
 {ERR_REASON(RAND_R_ERROR_INSTANTIATING_DRBG),"error instantiating drbg"},
 {ERR_REASON(RAND_R_NO_FIPS_RANDOM_METHOD_SET),"no fips random method set"},

deps/openssl/openssl/crypto/rand/rand_lib.c

@@ -269,6 +269,14 @@ int RAND_init_fips(void)
 	DRBG_CTX *dctx;
 	size_t plen;
 	unsigned char pers[32], *p;
+#ifndef OPENSSL_ALLOW_DUAL_EC_DRBG
+	if (fips_drbg_type >> 16)
+		{
+		RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_DUAL_EC_DRBG_DISABLED);
+		return 0;
+		}
+#endif
+		
 	dctx = FIPS_get_default_drbg();
         if (FIPS_drbg_init(dctx, fips_drbg_type, fips_drbg_flags) <= 0)
 		{

deps/openssl/openssl/crypto/rc4/asm/rc4-parisc.pl

@@ -307,7 +307,8 @@ L\$opts
 	.STRINGZ "RC4 for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>"
 ___
 $code =~ s/\`([^\`]*)\`/eval $1/gem;
-$code =~ s/cmpib,\*/comib,/gm if ($SIZE_T==4);
+$code =~ s/cmpib,\*/comib,/gm	if ($SIZE_T==4);
+$code =~ s/\bbv\b/bve/gm	if ($SIZE_T==8);
 
 print $code;
 close STDOUT;

deps/openssl/openssl/crypto/rsa/rsa_ameth.c

@@ -351,27 +351,27 @@ static int rsa_pss_param_print(BIO *bp, RSA_PSS_PARAMS *pss,
 
 	if (!BIO_indent(bp, indent, 128))
 		goto err;
-	if (BIO_puts(bp, "Salt Length: ") <= 0)
+	if (BIO_puts(bp, "Salt Length: 0x") <= 0)
 			goto err;
 	if (pss->saltLength)
 		{
 		if (i2a_ASN1_INTEGER(bp, pss->saltLength) <= 0)
 			goto err;
 		}
-	else if (BIO_puts(bp, "20 (default)") <= 0)
+	else if (BIO_puts(bp, "0x14 (default)") <= 0)
 		goto err;
 	BIO_puts(bp, "\n");
 
 	if (!BIO_indent(bp, indent, 128))
 		goto err;
-	if (BIO_puts(bp, "Trailer Field: ") <= 0)
+	if (BIO_puts(bp, "Trailer Field: 0x") <= 0)
 			goto err;
 	if (pss->trailerField)
 		{
 		if (i2a_ASN1_INTEGER(bp, pss->trailerField) <= 0)
 			goto err;
 		}
-	else if (BIO_puts(bp, "0xbc (default)") <= 0)
+	else if (BIO_puts(bp, "BC (default)") <= 0)
 		goto err;
 	BIO_puts(bp, "\n");
 	

deps/openssl/openssl/crypto/rsa/rsa_chk.c

@@ -60,6 +60,12 @@ int RSA_check_key(const RSA *key)
 	int r;
 	int ret=1;
 
+	if (!key->p || !key->q || !key->n || !key->e || !key->d)
+		{
+		RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_VALUE_MISSING);
+		return 0;
+		}
+	
 	i = BN_new();
 	j = BN_new();
 	k = BN_new();

deps/openssl/openssl/crypto/rsa/rsa_pmeth.c

@@ -611,6 +611,8 @@ static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx,
 			pm = RSA_NO_PADDING;
 		else if (!strcmp(value, "oeap"))
 			pm = RSA_PKCS1_OAEP_PADDING;
+		else if (!strcmp(value, "oaep"))
+			pm = RSA_PKCS1_OAEP_PADDING;
 		else if (!strcmp(value, "x931"))
 			pm = RSA_X931_PADDING;
 		else if (!strcmp(value, "pss"))

deps/openssl/openssl/crypto/sha/Makefile

@@ -60,7 +60,9 @@ sha256-armv4.S: asm/sha256-armv4.pl
 	$(PERL) $< $(PERLASM_SCHEME) $@
 
 sha1-alpha.s:	asm/sha1-alpha.pl
-	$(PERL) $< | $(CC) -E - | tee $@ > /dev/null
+	(preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
+	$(PERL) asm/sha1-alpha.pl > $$preproc && \
+	$(CC) -E $$preproc > $@ && rm $$preproc)
 
 # Solaris make has to be explicitly told
 sha1-x86_64.s:	asm/sha1-x86_64.pl;	$(PERL) asm/sha1-x86_64.pl $(PERLASM_SCHEME) > $@

deps/openssl/openssl/crypto/sha/asm/sha1-parisc.pl

@@ -254,6 +254,7 @@ $code.=<<___;
 ___
 
 $code =~ s/\`([^\`]*)\`/eval $1/gem;
-$code =~ s/,\*/,/gm if ($SIZE_T==4);
+$code =~ s/,\*/,/gm		if ($SIZE_T==4);
+$code =~ s/\bbv\b/bve/gm	if ($SIZE_T==8);
 print $code;
 close STDOUT;

deps/openssl/openssl/crypto/sha/asm/sha1-x86_64.pl

@@ -745,7 +745,7 @@ $code.=<<___;
 	mov	%rdi,$ctx	# reassigned argument
 	mov	%rsi,$inp	# reassigned argument
 	mov	%rdx,$num	# reassigned argument
-	vzeroall
+	vzeroupper
 
 	shl	\$6,$num
 	add	$inp,$num
@@ -1038,7 +1038,7 @@ ___
 	&Xtail_avx(\&body_20_39);
 
 $code.=<<___;
-	vzeroall
+	vzeroupper
 
 	add	0($ctx),$A			# update context
 	add	4($ctx),@T[0]

deps/openssl/openssl/crypto/sha/asm/sha256-x86_64.pl

@@ -54,7 +54,6 @@ die "can't locate x86_64-xlate.pl";
 open OUT,"| \"$^X\" $xlate $flavour $output";
 *STDOUT=*OUT;
 
-# assume 256
 $func="sha256_block_data_order";
 $TABLE="K256";
 $SZ=4;
@@ -83,43 +82,43 @@ sub ROUND_00_15()
 { my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
 
 $code.=<<___;
-	ror	\$`$Sigma1[2]-$Sigma1[1]`,$a0
+  ror	\$`$Sigma1[2]-$Sigma1[1]`,$a0
-	mov	$f,$a2
+  mov	$f,$a2
-	mov	$T1,`$SZ*($i&0xf)`(%rsp)
+  mov	$T1,`$SZ*($i&0xf)`(%rsp)
 
-	ror	\$`$Sigma0[2]-$Sigma0[1]`,$a1
+  ror	\$`$Sigma0[2]-$Sigma0[1]`,$a1
-	xor	$e,$a0
+  xor	$e,$a0
-	xor	$g,$a2			# f^g
+  xor	$g,$a2			# f^g
 
-	ror	\$`$Sigma1[1]-$Sigma1[0]`,$a0
+  ror	\$`$Sigma1[1]-$Sigma1[0]`,$a0
-	add	$h,$T1			# T1+=h
+  add	$h,$T1			# T1+=h
-	xor	$a,$a1
+  xor	$a,$a1
 
-	add	($Tbl,$round,$SZ),$T1	# T1+=K[round]
+  add	($Tbl,$round,$SZ),$T1	# T1+=K[round]
-	and	$e,$a2			# (f^g)&e
+  and	$e,$a2			# (f^g)&e
-	mov	$b,$h
+  mov	$b,$h
 
-	ror	\$`$Sigma0[1]-$Sigma0[0]`,$a1
+  ror	\$`$Sigma0[1]-$Sigma0[0]`,$a1
-	xor	$e,$a0
+  xor	$e,$a0
-	xor	$g,$a2			# Ch(e,f,g)=((f^g)&e)^g
+  xor	$g,$a2			# Ch(e,f,g)=((f^g)&e)^g
 
-	xor	$c,$h			# b^c
+  xor	$c,$h			# b^c
-	xor	$a,$a1
+  xor	$a,$a1
-	add	$a2,$T1			# T1+=Ch(e,f,g)
+  add	$a2,$T1			# T1+=Ch(e,f,g)
-	mov	$b,$a2
+  mov	$b,$a2
 
-	ror	\$$Sigma1[0],$a0	# Sigma1(e)
+  ror	\$$Sigma1[0],$a0	# Sigma1(e)
-	and	$a,$h			# h=(b^c)&a
+  and	$a,$h			# h=(b^c)&a
-	and	$c,$a2			# b&c
+  and	$c,$a2			# b&c
 
-	ror	\$$Sigma0[0],$a1	# Sigma0(a)
+  ror	\$$Sigma0[0],$a1	# Sigma0(a)
-	add	$a0,$T1			# T1+=Sigma1(e)
+  add	$a0,$T1			# T1+=Sigma1(e)
-	add	$a2,$h			# h+=b&c (completes +=Maj(a,b,c)
+  add	$a2,$h			# h+=b&c (completes +=Maj(a,b,c)
 
-	add	$T1,$d			# d+=T1
+  add	$T1,$d			# d+=T1
-	add	$T1,$h			# h+=T1
+  add	$T1,$h			# h+=T1
-	lea	1($round),$round	# round++
+  lea	1($round),$round	# round++
-	add	$a1,$h			# h+=Sigma0(a)
+  add	$a1,$h			# h+=Sigma0(a)
 
 ___
 }
@@ -128,33 +127,33 @@ sub ROUND_16_XX()
 { my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
 
 $code.=<<___;
-	mov	`$SZ*(($i+1)&0xf)`(%rsp),$a0
+  mov	`$SZ*(($i+1)&0xf)`(%rsp),$a0
-	mov	`$SZ*(($i+14)&0xf)`(%rsp),$a1
+  mov	`$SZ*(($i+14)&0xf)`(%rsp),$a1
-	mov	$a0,$T1
+  mov	$a0,$T1
-	mov	$a1,$a2
+  mov	$a1,$a2
-
+
-	ror	\$`$sigma0[1]-$sigma0[0]`,$T1
+  ror	\$`$sigma0[1]-$sigma0[0]`,$T1
-	xor	$a0,$T1
+  xor	$a0,$T1
-	shr	\$$sigma0[2],$a0
+  shr	\$$sigma0[2],$a0
-
+
-	ror	\$$sigma0[0],$T1
+  ror	\$$sigma0[0],$T1
-	xor	$T1,$a0			# sigma0(X[(i+1)&0xf])
+  xor	$T1,$a0			# sigma0(X[(i+1)&0xf])
-	mov	`$SZ*(($i+9)&0xf)`(%rsp),$T1
+  mov	`$SZ*(($i+9)&0xf)`(%rsp),$T1
-
+
-	ror	\$`$sigma1[1]-$sigma1[0]`,$a2
+  ror	\$`$sigma1[1]-$sigma1[0]`,$a2
-	xor	$a1,$a2
+  xor	$a1,$a2
-	shr	\$$sigma1[2],$a1
+  shr	\$$sigma1[2],$a1
-
+
-	ror	\$$sigma1[0],$a2
+  ror	\$$sigma1[0],$a2
-	add	$a0,$T1
+  add	$a0,$T1
-	xor	$a2,$a1			# sigma1(X[(i+14)&0xf])
+  xor	$a2,$a1			# sigma1(X[(i+14)&0xf])
-
+
-	add	`$SZ*($i&0xf)`(%rsp),$T1
+  add	`$SZ*($i&0xf)`(%rsp),$T1
-	mov	$e,$a0
+  mov	$e,$a0
-	add	$a1,$T1
+  add	$a1,$T1
-	mov	$a,$a1
+  mov	$a,$a1
 ___
-	&ROUND_00_15(@_);
+  &ROUND_00_15(@_);
 }
 
 $code=<<___;
@@ -164,95 +163,95 @@ $code=<<___;
 .type	$func,\@function,4
 .align	16
 $func:
-	push	%rbx
+  push	%rbx
-	push	%rbp
+  push	%rbp
-	push	%r12
+  push	%r12
-	push	%r13
+  push	%r13
-	push	%r14
+  push	%r14
-	push	%r15
+  push	%r15
-	mov	%rsp,%r11		# copy %rsp
+  mov	%rsp,%r11		# copy %rsp
-	shl	\$4,%rdx		# num*16
+  shl	\$4,%rdx		# num*16
-	sub	\$$framesz,%rsp
+  sub	\$$framesz,%rsp
-	lea	($inp,%rdx,$SZ),%rdx	# inp+num*16*$SZ
+  lea	($inp,%rdx,$SZ),%rdx	# inp+num*16*$SZ
-	and	\$-64,%rsp		# align stack frame
+  and	\$-64,%rsp		# align stack frame
-	mov	$ctx,$_ctx		# save ctx, 1st arg
+  mov	$ctx,$_ctx		# save ctx, 1st arg
-	mov	$inp,$_inp		# save inp, 2nd arh
+  mov	$inp,$_inp		# save inp, 2nd arh
-	mov	%rdx,$_end		# save end pointer, "3rd" arg
+  mov	%rdx,$_end		# save end pointer, "3rd" arg
-	mov	%r11,$_rsp		# save copy of %rsp
+  mov	%r11,$_rsp		# save copy of %rsp
 .Lprologue:
 
-	lea	$TABLE(%rip),$Tbl
+  lea	$TABLE(%rip),$Tbl
 
-	mov	$SZ*0($ctx),$A
+  mov	$SZ*0($ctx),$A
-	mov	$SZ*1($ctx),$B
+  mov	$SZ*1($ctx),$B
-	mov	$SZ*2($ctx),$C
+  mov	$SZ*2($ctx),$C
-	mov	$SZ*3($ctx),$D
+  mov	$SZ*3($ctx),$D
-	mov	$SZ*4($ctx),$E
+  mov	$SZ*4($ctx),$E
-	mov	$SZ*5($ctx),$F
+  mov	$SZ*5($ctx),$F
-	mov	$SZ*6($ctx),$G
+  mov	$SZ*6($ctx),$G
-	mov	$SZ*7($ctx),$H
+  mov	$SZ*7($ctx),$H
-	jmp	.Lloop
+  jmp	.Lloop
 
 .align	16
 .Lloop:
-	xor	$round,$round
+  xor	$round,$round
 ___
-	for($i=0;$i<16;$i++) {
+  for($i=0;$i<16;$i++) {
-		$code.="	mov	$SZ*$i($inp),$T1\n";
+    $code.="	mov	$SZ*$i($inp),$T1\n";
-		$code.="	mov	@ROT[4],$a0\n";
+    $code.="	mov	@ROT[4],$a0\n";
-		$code.="	mov	@ROT[0],$a1\n";
+    $code.="	mov	@ROT[0],$a1\n";
-		$code.="	bswap	$T1\n";
+    $code.="	bswap	$T1\n";
-		&ROUND_00_15($i,@ROT);
+    &ROUND_00_15($i,@ROT);
-		unshift(@ROT,pop(@ROT));
+    unshift(@ROT,pop(@ROT));
-	}
+  }
 $code.=<<___;
-	jmp	.Lrounds_16_xx
+  jmp	.Lrounds_16_xx
 .align	16
 .Lrounds_16_xx:
 ___
-	for(;$i<32;$i++) {
+  for(;$i<32;$i++) {
-		&ROUND_16_XX($i,@ROT);
+    &ROUND_16_XX($i,@ROT);
-		unshift(@ROT,pop(@ROT));
+    unshift(@ROT,pop(@ROT));
-	}
+  }
 
 $code.=<<___;
-	cmp	\$$rounds,$round
+  cmp	\$$rounds,$round
-	jb	.Lrounds_16_xx
+  jb	.Lrounds_16_xx
-
+
-	mov	$_ctx,$ctx
+  mov	$_ctx,$ctx
-	lea	16*$SZ($inp),$inp
+  lea	16*$SZ($inp),$inp
-
+
-	add	$SZ*0($ctx),$A
+  add	$SZ*0($ctx),$A
-	add	$SZ*1($ctx),$B
+  add	$SZ*1($ctx),$B
-	add	$SZ*2($ctx),$C
+  add	$SZ*2($ctx),$C
-	add	$SZ*3($ctx),$D
+  add	$SZ*3($ctx),$D
-	add	$SZ*4($ctx),$E
+  add	$SZ*4($ctx),$E
-	add	$SZ*5($ctx),$F
+  add	$SZ*5($ctx),$F
-	add	$SZ*6($ctx),$G
+  add	$SZ*6($ctx),$G
-	add	$SZ*7($ctx),$H
+  add	$SZ*7($ctx),$H
-
+
-	cmp	$_end,$inp
+  cmp	$_end,$inp
-
+
-	mov	$A,$SZ*0($ctx)
+  mov	$A,$SZ*0($ctx)
-	mov	$B,$SZ*1($ctx)
+  mov	$B,$SZ*1($ctx)
-	mov	$C,$SZ*2($ctx)
+  mov	$C,$SZ*2($ctx)
-	mov	$D,$SZ*3($ctx)
+  mov	$D,$SZ*3($ctx)
-	mov	$E,$SZ*4($ctx)
+  mov	$E,$SZ*4($ctx)
-	mov	$F,$SZ*5($ctx)
+  mov	$F,$SZ*5($ctx)
-	mov	$G,$SZ*6($ctx)
+  mov	$G,$SZ*6($ctx)
-	mov	$H,$SZ*7($ctx)
+  mov	$H,$SZ*7($ctx)
-	jb	.Lloop
+  jb	.Lloop
-
+
-	mov	$_rsp,%rsi
+  mov	$_rsp,%rsi
-	mov	(%rsi),%r15
+  mov	(%rsi),%r15
-	mov	8(%rsi),%r14
+  mov	8(%rsi),%r14
-	mov	16(%rsi),%r13
+  mov	16(%rsi),%r13
-	mov	24(%rsi),%r12
+  mov	24(%rsi),%r12
-	mov	32(%rsi),%rbp
+  mov	32(%rsi),%rbp
-	mov	40(%rsi),%rbx
+  mov	40(%rsi),%rbx
-	lea	48(%rsi),%rsp
+  lea	48(%rsi),%rsp
 .Lepilogue:
-	ret
+  ret
 .size	$func,.-$func
 ___
 
@@ -261,68 +260,68 @@ $code.=<<___;
 .align	64
 .type	$TABLE,\@object
 $TABLE:
-	.long	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+  .long	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
-	.long	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+  .long	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
-	.long	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+  .long	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
-	.long	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+  .long	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
-	.long	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+  .long	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
-	.long	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+  .long	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
-	.long	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+  .long	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
-	.long	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+  .long	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
-	.long	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+  .long	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
-	.long	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+  .long	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
-	.long	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+  .long	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
-	.long	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+  .long	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
-	.long	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+  .long	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
-	.long	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+  .long	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
-	.long	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+  .long	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
-	.long	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+  .long	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
 ___
 } else {
 $code.=<<___;
 .align	64
 .type	$TABLE,\@object
 $TABLE:
-	.quad	0x428a2f98d728ae22,0x7137449123ef65cd
+  .quad	0x428a2f98d728ae22,0x7137449123ef65cd
-	.quad	0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc
+  .quad	0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc
-	.quad	0x3956c25bf348b538,0x59f111f1b605d019
+  .quad	0x3956c25bf348b538,0x59f111f1b605d019
-	.quad	0x923f82a4af194f9b,0xab1c5ed5da6d8118
+  .quad	0x923f82a4af194f9b,0xab1c5ed5da6d8118
-	.quad	0xd807aa98a3030242,0x12835b0145706fbe
+  .quad	0xd807aa98a3030242,0x12835b0145706fbe
-	.quad	0x243185be4ee4b28c,0x550c7dc3d5ffb4e2
+  .quad	0x243185be4ee4b28c,0x550c7dc3d5ffb4e2
-	.quad	0x72be5d74f27b896f,0x80deb1fe3b1696b1
+  .quad	0x72be5d74f27b896f,0x80deb1fe3b1696b1
-	.quad	0x9bdc06a725c71235,0xc19bf174cf692694
+  .quad	0x9bdc06a725c71235,0xc19bf174cf692694
-	.quad	0xe49b69c19ef14ad2,0xefbe4786384f25e3
+  .quad	0xe49b69c19ef14ad2,0xefbe4786384f25e3
-	.quad	0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65
+  .quad	0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65
-	.quad	0x2de92c6f592b0275,0x4a7484aa6ea6e483
+  .quad	0x2de92c6f592b0275,0x4a7484aa6ea6e483
-	.quad	0x5cb0a9dcbd41fbd4,0x76f988da831153b5
+  .quad	0x5cb0a9dcbd41fbd4,0x76f988da831153b5
-	.quad	0x983e5152ee66dfab,0xa831c66d2db43210
+  .quad	0x983e5152ee66dfab,0xa831c66d2db43210
-	.quad	0xb00327c898fb213f,0xbf597fc7beef0ee4
+  .quad	0xb00327c898fb213f,0xbf597fc7beef0ee4
-	.quad	0xc6e00bf33da88fc2,0xd5a79147930aa725
+  .quad	0xc6e00bf33da88fc2,0xd5a79147930aa725
-	.quad	0x06ca6351e003826f,0x142929670a0e6e70
+  .quad	0x06ca6351e003826f,0x142929670a0e6e70
-	.quad	0x27b70a8546d22ffc,0x2e1b21385c26c926
+  .quad	0x27b70a8546d22ffc,0x2e1b21385c26c926
-	.quad	0x4d2c6dfc5ac42aed,0x53380d139d95b3df
+  .quad	0x4d2c6dfc5ac42aed,0x53380d139d95b3df
-	.quad	0x650a73548baf63de,0x766a0abb3c77b2a8
+  .quad	0x650a73548baf63de,0x766a0abb3c77b2a8
-	.quad	0x81c2c92e47edaee6,0x92722c851482353b
+  .quad	0x81c2c92e47edaee6,0x92722c851482353b
-	.quad	0xa2bfe8a14cf10364,0xa81a664bbc423001
+  .quad	0xa2bfe8a14cf10364,0xa81a664bbc423001
-	.quad	0xc24b8b70d0f89791,0xc76c51a30654be30
+  .quad	0xc24b8b70d0f89791,0xc76c51a30654be30
-	.quad	0xd192e819d6ef5218,0xd69906245565a910
+  .quad	0xd192e819d6ef5218,0xd69906245565a910
-	.quad	0xf40e35855771202a,0x106aa07032bbd1b8
+  .quad	0xf40e35855771202a,0x106aa07032bbd1b8
-	.quad	0x19a4c116b8d2d0c8,0x1e376c085141ab53
+  .quad	0x19a4c116b8d2d0c8,0x1e376c085141ab53
-	.quad	0x2748774cdf8eeb99,0x34b0bcb5e19b48a8
+  .quad	0x2748774cdf8eeb99,0x34b0bcb5e19b48a8
-	.quad	0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb
+  .quad	0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb
-	.quad	0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3
+  .quad	0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3
-	.quad	0x748f82ee5defb2fc,0x78a5636f43172f60
+  .quad	0x748f82ee5defb2fc,0x78a5636f43172f60
-	.quad	0x84c87814a1f0ab72,0x8cc702081a6439ec
+  .quad	0x84c87814a1f0ab72,0x8cc702081a6439ec
-	.quad	0x90befffa23631e28,0xa4506cebde82bde9
+  .quad	0x90befffa23631e28,0xa4506cebde82bde9
-	.quad	0xbef9a3f7b2c67915,0xc67178f2e372532b
+  .quad	0xbef9a3f7b2c67915,0xc67178f2e372532b
-	.quad	0xca273eceea26619c,0xd186b8c721c0c207
+  .quad	0xca273eceea26619c,0xd186b8c721c0c207
-	.quad	0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178
+  .quad	0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178
-	.quad	0x06f067aa72176fba,0x0a637dc5a2c898a6
+  .quad	0x06f067aa72176fba,0x0a637dc5a2c898a6
-	.quad	0x113f9804bef90dae,0x1b710b35131c471b
+  .quad	0x113f9804bef90dae,0x1b710b35131c471b
-	.quad	0x28db77f523047d84,0x32caab7b40c72493
+  .quad	0x28db77f523047d84,0x32caab7b40c72493
-	.quad	0x3c9ebe0a15c9bebc,0x431d67c49c100d4c
+  .quad	0x3c9ebe0a15c9bebc,0x431d67c49c100d4c
-	.quad	0x4cc5d4becb3e42b6,0x597f299cfc657e2a
+  .quad	0x4cc5d4becb3e42b6,0x597f299cfc657e2a
-	.quad	0x5fcb6fab3ad6faec,0x6c44198c4a475817
+  .quad	0x5fcb6fab3ad6faec,0x6c44198c4a475817
 ___
 }
 
@@ -339,97 +338,97 @@ $code.=<<___;
 .type	se_handler,\@abi-omnipotent
 .align	16
 se_handler:
-	push	%rsi
+  push	%rsi
-	push	%rdi
+  push	%rdi
-	push	%rbx
+  push	%rbx
-	push	%rbp
+  push	%rbp
-	push	%r12
+  push	%r12
-	push	%r13
+  push	%r13
-	push	%r14
+  push	%r14
-	push	%r15
+  push	%r15
-	pushfq
+  pushfq
-	sub	\$64,%rsp
+  sub	\$64,%rsp
-
+
-	mov	120($context),%rax	# pull context->Rax
+  mov	120($context),%rax	# pull context->Rax
-	mov	248($context),%rbx	# pull context->Rip
+  mov	248($context),%rbx	# pull context->Rip
-
+
-	lea	.Lprologue(%rip),%r10
+  lea	.Lprologue(%rip),%r10
-	cmp	%r10,%rbx		# context->Rip<.Lprologue
+  cmp	%r10,%rbx		# context->Rip<.Lprologue
-	jb	.Lin_prologue
+  jb	.Lin_prologue
-
+
-	mov	152($context),%rax	# pull context->Rsp
+  mov	152($context),%rax	# pull context->Rsp
-
+
-	lea	.Lepilogue(%rip),%r10
+  lea	.Lepilogue(%rip),%r10
-	cmp	%r10,%rbx		# context->Rip>=.Lepilogue
+  cmp	%r10,%rbx		# context->Rip>=.Lepilogue
-	jae	.Lin_prologue
+  jae	.Lin_prologue
-
+
-	mov	16*$SZ+3*8(%rax),%rax	# pull $_rsp
+  mov	16*$SZ+3*8(%rax),%rax	# pull $_rsp
-	lea	48(%rax),%rax
+  lea	48(%rax),%rax
-
+
-	mov	-8(%rax),%rbx
+  mov	-8(%rax),%rbx
-	mov	-16(%rax),%rbp
+  mov	-16(%rax),%rbp
-	mov	-24(%rax),%r12
+  mov	-24(%rax),%r12
-	mov	-32(%rax),%r13
+  mov	-32(%rax),%r13
-	mov	-40(%rax),%r14
+  mov	-40(%rax),%r14
-	mov	-48(%rax),%r15
+  mov	-48(%rax),%r15
-	mov	%rbx,144($context)	# restore context->Rbx
+  mov	%rbx,144($context)	# restore context->Rbx
-	mov	%rbp,160($context)	# restore context->Rbp
+  mov	%rbp,160($context)	# restore context->Rbp
-	mov	%r12,216($context)	# restore context->R12
+  mov	%r12,216($context)	# restore context->R12
-	mov	%r13,224($context)	# restore context->R13
+  mov	%r13,224($context)	# restore context->R13
-	mov	%r14,232($context)	# restore context->R14
+  mov	%r14,232($context)	# restore context->R14
-	mov	%r15,240($context)	# restore context->R15
+  mov	%r15,240($context)	# restore context->R15
 
 .Lin_prologue:
-	mov	8(%rax),%rdi
+  mov	8(%rax),%rdi
-	mov	16(%rax),%rsi
+  mov	16(%rax),%rsi
-	mov	%rax,152($context)	# restore context->Rsp
+  mov	%rax,152($context)	# restore context->Rsp
-	mov	%rsi,168($context)	# restore context->Rsi
+  mov	%rsi,168($context)	# restore context->Rsi
-	mov	%rdi,176($context)	# restore context->Rdi
+  mov	%rdi,176($context)	# restore context->Rdi
-
+
-	mov	40($disp),%rdi		# disp->ContextRecord
+  mov	40($disp),%rdi		# disp->ContextRecord
-	mov	$context,%rsi		# context
+  mov	$context,%rsi		# context
-	mov	\$154,%ecx		# sizeof(CONTEXT)
+  mov	\$154,%ecx		# sizeof(CONTEXT)
-	.long	0xa548f3fc		# cld; rep movsq
+  .long	0xa548f3fc		# cld; rep movsq
-
+
-	mov	$disp,%rsi
+  mov	$disp,%rsi
-	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+  xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
-	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+  mov	8(%rsi),%rdx		# arg2, disp->ImageBase
-	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+  mov	0(%rsi),%r8		# arg3, disp->ControlPc
-	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+  mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
-	mov	40(%rsi),%r10		# disp->ContextRecord
+  mov	40(%rsi),%r10		# disp->ContextRecord
-	lea	56(%rsi),%r11		# &disp->HandlerData
+  lea	56(%rsi),%r11		# &disp->HandlerData
-	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+  lea	24(%rsi),%r12		# &disp->EstablisherFrame
-	mov	%r10,32(%rsp)		# arg5
+  mov	%r10,32(%rsp)		# arg5
-	mov	%r11,40(%rsp)		# arg6
+  mov	%r11,40(%rsp)		# arg6
-	mov	%r12,48(%rsp)		# arg7
+  mov	%r12,48(%rsp)		# arg7
-	mov	%rcx,56(%rsp)		# arg8, (NULL)
+  mov	%rcx,56(%rsp)		# arg8, (NULL)
-	call	*__imp_RtlVirtualUnwind(%rip)
+  call	*__imp_RtlVirtualUnwind(%rip)
-
+
-	mov	\$1,%eax		# ExceptionContinueSearch
+  mov	\$1,%eax		# ExceptionContinueSearch
-	add	\$64,%rsp
+  add	\$64,%rsp
-	popfq
+  popfq
-	pop	%r15
+  pop	%r15
-	pop	%r14
+  pop	%r14
-	pop	%r13
+  pop	%r13
-	pop	%r12
+  pop	%r12
-	pop	%rbp
+  pop	%rbp
-	pop	%rbx
+  pop	%rbx
-	pop	%rdi
+  pop	%rdi
-	pop	%rsi
+  pop	%rsi
-	ret
+  ret
 .size	se_handler,.-se_handler
 
 .section	.pdata
 .align	4
-	.rva	.LSEH_begin_$func
+  .rva	.LSEH_begin_$func
-	.rva	.LSEH_end_$func
+  .rva	.LSEH_end_$func
-	.rva	.LSEH_info_$func
+  .rva	.LSEH_info_$func
 
 .section	.xdata
 .align	8
 .LSEH_info_$func:
-	.byte	9,0,0,0
+  .byte	9,0,0,0
-	.rva	se_handler
+  .rva	se_handler
 ___
 }
 

deps/openssl/openssl/crypto/sha/asm/sha512-mips.pl

@@ -351,7 +351,7 @@ $code.=<<___;
 	$ST	$G,6*$SZ($ctx)
 	$ST	$H,7*$SZ($ctx)
 
-	bnel	$inp,@X[15],.Loop
+	bne	$inp,@X[15],.Loop
 	$PTR_SUB $Ktbl,`($rounds-16)*$SZ`	# rewind $Ktbl
 
 	$REG_L	$ra,$FRAMESIZE-1*$SZREG($sp)

deps/openssl/openssl/crypto/sha/asm/sha512-parisc.pl

@@ -785,6 +785,8 @@ foreach (split("\n",$code)) {
 
 	s/cmpb,\*/comb,/ if ($SIZE_T==4);
 
+	s/\bbv\b/bve/    if ($SIZE_T==8);
+
 	print $_,"\n";
 }
 

deps/openssl/openssl/crypto/sha/asm/sha512-x86_64.pl

@@ -54,7 +54,6 @@ die "can't locate x86_64-xlate.pl";
 open OUT,"| \"$^X\" $xlate $flavour $output";
 *STDOUT=*OUT;
 
-# assume 512
 $func="sha512_block_data_order";
 $TABLE="K512";
 $SZ=8;

deps/openssl/openssl/crypto/sha/sha512.c

@@ -232,7 +232,14 @@ int SHA384_Update (SHA512_CTX *c, const void *data, size_t len)
 {   return SHA512_Update (c,data,len);   }
 
 void SHA512_Transform (SHA512_CTX *c, const unsigned char *data)
-{   sha512_block_data_order (c,data,1);  }
+	{
+#ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
+	if ((size_t)data%sizeof(c->u.d[0]) != 0)
+		memcpy(c->u.p,data,sizeof(c->u.p)),
+		data = c->u.p;
+#endif
+	sha512_block_data_order (c,data,1);
+	}
 
 unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md)
 	{

deps/openssl/openssl/crypto/srp/srp_grps.h

@@ -1,22 +1,22 @@
 /* start of generated data */
 
 static BN_ULONG bn_group_1024_value[] = {
-	bn_pack4(9FC6,1D2F,C0EB,06E3),
+	bn_pack4(0x9FC6,0x1D2F,0xC0EB,0x06E3),
-	bn_pack4(FD51,38FE,8376,435B),
+	bn_pack4(0xFD51,0x38FE,0x8376,0x435B),
-	bn_pack4(2FD4,CBF4,976E,AA9A),
+	bn_pack4(0x2FD4,0xCBF4,0x976E,0xAA9A),
-	bn_pack4(68ED,BC3C,0572,6CC0),
+	bn_pack4(0x68ED,0xBC3C,0x0572,0x6CC0),
-	bn_pack4(C529,F566,660E,57EC),
+	bn_pack4(0xC529,0xF566,0x660E,0x57EC),
-	bn_pack4(8255,9B29,7BCF,1885),
+	bn_pack4(0x8255,0x9B29,0x7BCF,0x1885),
-	bn_pack4(CE8E,F4AD,69B1,5D49),
+	bn_pack4(0xCE8E,0xF4AD,0x69B1,0x5D49),
-	bn_pack4(5DC7,D7B4,6154,D6B6),
+	bn_pack4(0x5DC7,0xD7B4,0x6154,0xD6B6),
-	bn_pack4(8E49,5C1D,6089,DAD1),
+	bn_pack4(0x8E49,0x5C1D,0x6089,0xDAD1),
-	bn_pack4(E0D5,D8E2,50B9,8BE4),
+	bn_pack4(0xE0D5,0xD8E2,0x50B9,0x8BE4),
-	bn_pack4(383B,4813,D692,C6E0),
+	bn_pack4(0x383B,0x4813,0xD692,0xC6E0),
-	bn_pack4(D674,DF74,96EA,81D3),
+	bn_pack4(0xD674,0xDF74,0x96EA,0x81D3),
-	bn_pack4(9EA2,314C,9C25,6576),
+	bn_pack4(0x9EA2,0x314C,0x9C25,0x6576),
-	bn_pack4(6072,6187,75FF,3C0B),
+	bn_pack4(0x6072,0x6187,0x75FF,0x3C0B),
-	bn_pack4(9C33,F80A,FA8F,C5E8),
+	bn_pack4(0x9C33,0xF80A,0xFA8F,0xC5E8),
-	bn_pack4(EEAF,0AB9,ADB3,8DD6)
+	bn_pack4(0xEEAF,0x0AB9,0xADB3,0x8DD6)
 };
 static BIGNUM bn_group_1024 = {
 	bn_group_1024_value,
@@ -27,30 +27,30 @@ static BIGNUM bn_group_1024 = {
 };
 
 static BN_ULONG bn_group_1536_value[] = {
-	bn_pack4(CF76,E3FE,D135,F9BB),
+	bn_pack4(0xCF76,0xE3FE,0xD135,0xF9BB),
-	bn_pack4(1518,0F93,499A,234D),
+	bn_pack4(0x1518,0x0F93,0x499A,0x234D),
-	bn_pack4(8CE7,A28C,2442,C6F3),
+	bn_pack4(0x8CE7,0xA28C,0x2442,0xC6F3),
-	bn_pack4(5A02,1FFF,5E91,479E),
+	bn_pack4(0x5A02,0x1FFF,0x5E91,0x479E),
-	bn_pack4(7F8A,2FE9,B8B5,292E),
+	bn_pack4(0x7F8A,0x2FE9,0xB8B5,0x292E),
-	bn_pack4(837C,264A,E3A9,BEB8),
+	bn_pack4(0x837C,0x264A,0xE3A9,0xBEB8),
-	bn_pack4(E442,734A,F7CC,B7AE),
+	bn_pack4(0xE442,0x734A,0xF7CC,0xB7AE),
-	bn_pack4(6577,2E43,7D6C,7F8C),
+	bn_pack4(0x6577,0x2E43,0x7D6C,0x7F8C),
-	bn_pack4(DB2F,D53D,24B7,C486),
+	bn_pack4(0xDB2F,0xD53D,0x24B7,0xC486),
-	bn_pack4(6EDF,0195,3934,9627),
+	bn_pack4(0x6EDF,0x0195,0x3934,0x9627),
-	bn_pack4(158B,FD3E,2B9C,8CF5),
+	bn_pack4(0x158B,0xFD3E,0x2B9C,0x8CF5),
-	bn_pack4(764E,3F4B,53DD,9DA1),
+	bn_pack4(0x764E,0x3F4B,0x53DD,0x9DA1),
-	bn_pack4(4754,8381,DBC5,B1FC),
+	bn_pack4(0x4754,0x8381,0xDBC5,0xB1FC),
-	bn_pack4(9B60,9E0B,E3BA,B63D),
+	bn_pack4(0x9B60,0x9E0B,0xE3BA,0xB63D),
-	bn_pack4(8134,B1C8,B979,8914),
+	bn_pack4(0x8134,0xB1C8,0xB979,0x8914),
-	bn_pack4(DF02,8A7C,EC67,F0D0),
+	bn_pack4(0xDF02,0x8A7C,0xEC67,0xF0D0),
-	bn_pack4(80B6,55BB,9A22,E8DC),
+	bn_pack4(0x80B6,0x55BB,0x9A22,0xE8DC),
-	bn_pack4(1558,903B,A0D0,F843),
+	bn_pack4(0x1558,0x903B,0xA0D0,0xF843),
-	bn_pack4(51C6,A94B,E460,7A29),
+	bn_pack4(0x51C6,0xA94B,0xE460,0x7A29),
-	bn_pack4(5F4F,5F55,6E27,CBDE),
+	bn_pack4(0x5F4F,0x5F55,0x6E27,0xCBDE),
-	bn_pack4(BEEE,A961,4B19,CC4D),
+	bn_pack4(0xBEEE,0xA961,0x4B19,0xCC4D),
-	bn_pack4(DBA5,1DF4,99AC,4C80),
+	bn_pack4(0xDBA5,0x1DF4,0x99AC,0x4C80),
-	bn_pack4(B1F1,2A86,17A4,7BBB),
+	bn_pack4(0xB1F1,0x2A86,0x17A4,0x7BBB),
-	bn_pack4(9DEF,3CAF,B939,277A)
+	bn_pack4(0x9DEF,0x3CAF,0xB939,0x277A)
 };
 static BIGNUM bn_group_1536 = {
 	bn_group_1536_value,
@@ -61,38 +61,38 @@ static BIGNUM bn_group_1536 = {
 };
 
 static BN_ULONG bn_group_2048_value[] = {
-	bn_pack4(0FA7,111F,9E4A,FF73),
+	bn_pack4(0x0FA7,0x111F,0x9E4A,0xFF73),
-	bn_pack4(9B65,E372,FCD6,8EF2),
+	bn_pack4(0x9B65,0xE372,0xFCD6,0x8EF2),
-	bn_pack4(35DE,236D,525F,5475),
+	bn_pack4(0x35DE,0x236D,0x525F,0x5475),
-	bn_pack4(94B5,C803,D89F,7AE4),
+	bn_pack4(0x94B5,0xC803,0xD89F,0x7AE4),
-	bn_pack4(71AE,35F8,E9DB,FBB6),
+	bn_pack4(0x71AE,0x35F8,0xE9DB,0xFBB6),
-	bn_pack4(2A56,98F3,A8D0,C382),
+	bn_pack4(0x2A56,0x98F3,0xA8D0,0xC382),
-	bn_pack4(9CCC,041C,7BC3,08D8),
+	bn_pack4(0x9CCC,0x041C,0x7BC3,0x08D8),
-	bn_pack4(AF87,4E73,03CE,5329),
+	bn_pack4(0xAF87,0x4E73,0x03CE,0x5329),
-	bn_pack4(6160,2790,04E5,7AE6),
+	bn_pack4(0x6160,0x2790,0x04E5,0x7AE6),
-	bn_pack4(032C,FBDB,F52F,B378),
+	bn_pack4(0x032C,0xFBDB,0xF52F,0xB378),
-	bn_pack4(5EA7,7A27,75D2,ECFA),
+	bn_pack4(0x5EA7,0x7A27,0x75D2,0xECFA),
-	bn_pack4(5445,23B5,24B0,D57D),
+	bn_pack4(0x5445,0x23B5,0x24B0,0xD57D),
-	bn_pack4(5B9D,32E6,88F8,7748),
+	bn_pack4(0x5B9D,0x32E6,0x88F8,0x7748),
-	bn_pack4(F1D2,B907,8717,461A),
+	bn_pack4(0xF1D2,0xB907,0x8717,0x461A),
-	bn_pack4(76BD,207A,436C,6481),
+	bn_pack4(0x76BD,0x207A,0x436C,0x6481),
-	bn_pack4(CA97,B43A,23FB,8016),
+	bn_pack4(0xCA97,0xB43A,0x23FB,0x8016),
-	bn_pack4(1D28,1E44,6B14,773B),
+	bn_pack4(0x1D28,0x1E44,0x6B14,0x773B),
-	bn_pack4(7359,D041,D5C3,3EA7),
+	bn_pack4(0x7359,0xD041,0xD5C3,0x3EA7),
-	bn_pack4(A80D,740A,DBF4,FF74),
+	bn_pack4(0xA80D,0x740A,0xDBF4,0xFF74),
-	bn_pack4(55F9,7993,EC97,5EEA),
+	bn_pack4(0x55F9,0x7993,0xEC97,0x5EEA),
-	bn_pack4(2918,A996,2F0B,93B8),
+	bn_pack4(0x2918,0xA996,0x2F0B,0x93B8),
-	bn_pack4(661A,05FB,D5FA,AAE8),
+	bn_pack4(0x661A,0x05FB,0xD5FA,0xAAE8),
-	bn_pack4(CF60,9517,9A16,3AB3),
+	bn_pack4(0xCF60,0x9517,0x9A16,0x3AB3),
-	bn_pack4(E808,3969,EDB7,67B0),
+	bn_pack4(0xE808,0x3969,0xEDB7,0x67B0),
-	bn_pack4(CD7F,48A9,DA04,FD50),
+	bn_pack4(0xCD7F,0x48A9,0xDA04,0xFD50),
-	bn_pack4(D523,12AB,4B03,310D),
+	bn_pack4(0xD523,0x12AB,0x4B03,0x310D),
-	bn_pack4(8193,E075,7767,A13D),
+	bn_pack4(0x8193,0xE075,0x7767,0xA13D),
-	bn_pack4(A373,29CB,B4A0,99ED),
+	bn_pack4(0xA373,0x29CB,0xB4A0,0x99ED),
-	bn_pack4(FC31,9294,3DB5,6050),
+	bn_pack4(0xFC31,0x9294,0x3DB5,0x6050),
-	bn_pack4(AF72,B665,1987,EE07),
+	bn_pack4(0xAF72,0xB665,0x1987,0xEE07),
-	bn_pack4(F166,DE5E,1389,582F),
+	bn_pack4(0xF166,0xDE5E,0x1389,0x582F),
-	bn_pack4(AC6B,DB41,324A,9A9B)
+	bn_pack4(0xAC6B,0xDB41,0x324A,0x9A9B)
 };
 static BIGNUM bn_group_2048 = {
 	bn_group_2048_value,
@@ -103,54 +103,54 @@ static BIGNUM bn_group_2048 = {
 };
 
 static BN_ULONG bn_group_3072_value[] = {
-	bn_pack4(FFFF,FFFF,FFFF,FFFF),
+	bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF),
-	bn_pack4(4B82,D120,A93A,D2CA),
+	bn_pack4(0x4B82,0xD120,0xA93A,0xD2CA),
-	bn_pack4(43DB,5BFC,E0FD,108E),
+	bn_pack4(0x43DB,0x5BFC,0xE0FD,0x108E),
-	bn_pack4(08E2,4FA0,74E5,AB31),
+	bn_pack4(0x08E2,0x4FA0,0x74E5,0xAB31),
-	bn_pack4(7709,88C0,BAD9,46E2),
+	bn_pack4(0x7709,0x88C0,0xBAD9,0x46E2),
-	bn_pack4(BBE1,1757,7A61,5D6C),
+	bn_pack4(0xBBE1,0x1757,0x7A61,0x5D6C),
-	bn_pack4(521F,2B18,177B,200C),
+	bn_pack4(0x521F,0x2B18,0x177B,0x200C),
-	bn_pack4(D876,0273,3EC8,6A64),
+	bn_pack4(0xD876,0x0273,0x3EC8,0x6A64),
-	bn_pack4(F12F,FA06,D98A,0864),
+	bn_pack4(0xF12F,0xFA06,0xD98A,0x0864),
-	bn_pack4(CEE3,D226,1AD2,EE6B),
+	bn_pack4(0xCEE3,0xD226,0x1AD2,0xEE6B),
-	bn_pack4(1E8C,94E0,4A25,619D),
+	bn_pack4(0x1E8C,0x94E0,0x4A25,0x619D),
-	bn_pack4(ABF5,AE8C,DB09,33D7),
+	bn_pack4(0xABF5,0xAE8C,0xDB09,0x33D7),
-	bn_pack4(B397,0F85,A6E1,E4C7),
+	bn_pack4(0xB397,0x0F85,0xA6E1,0xE4C7),
-	bn_pack4(8AEA,7157,5D06,0C7D),
+	bn_pack4(0x8AEA,0x7157,0x5D06,0x0C7D),
-	bn_pack4(ECFB,8504,58DB,EF0A),
+	bn_pack4(0xECFB,0x8504,0x58DB,0xEF0A),
-	bn_pack4(A855,21AB,DF1C,BA64),
+	bn_pack4(0xA855,0x21AB,0xDF1C,0xBA64),
-	bn_pack4(AD33,170D,0450,7A33),
+	bn_pack4(0xAD33,0x170D,0x0450,0x7A33),
-	bn_pack4(1572,8E5A,8AAA,C42D),
+	bn_pack4(0x1572,0x8E5A,0x8AAA,0xC42D),
-	bn_pack4(15D2,2618,98FA,0510),
+	bn_pack4(0x15D2,0x2618,0x98FA,0x0510),
-	bn_pack4(3995,497C,EA95,6AE5),
+	bn_pack4(0x3995,0x497C,0xEA95,0x6AE5),
-	bn_pack4(DE2B,CBF6,9558,1718),
+	bn_pack4(0xDE2B,0xCBF6,0x9558,0x1718),
-	bn_pack4(B5C5,5DF0,6F4C,52C9),
+	bn_pack4(0xB5C5,0x5DF0,0x6F4C,0x52C9),
-	bn_pack4(9B27,83A2,EC07,A28F),
+	bn_pack4(0x9B27,0x83A2,0xEC07,0xA28F),
-	bn_pack4(E39E,772C,180E,8603),
+	bn_pack4(0xE39E,0x772C,0x180E,0x8603),
-	bn_pack4(3290,5E46,2E36,CE3B),
+	bn_pack4(0x3290,0x5E46,0x2E36,0xCE3B),
-	bn_pack4(F174,6C08,CA18,217C),
+	bn_pack4(0xF174,0x6C08,0xCA18,0x217C),
-	bn_pack4(670C,354E,4ABC,9804),
+	bn_pack4(0x670C,0x354E,0x4ABC,0x9804),
-	bn_pack4(9ED5,2907,7096,966D),
+	bn_pack4(0x9ED5,0x2907,0x7096,0x966D),
-	bn_pack4(1C62,F356,2085,52BB),
+	bn_pack4(0x1C62,0xF356,0x2085,0x52BB),
-	bn_pack4(8365,5D23,DCA3,AD96),
+	bn_pack4(0x8365,0x5D23,0xDCA3,0xAD96),
-	bn_pack4(6916,3FA8,FD24,CF5F),
+	bn_pack4(0x6916,0x3FA8,0xFD24,0xCF5F),
-	bn_pack4(98DA,4836,1C55,D39A),
+	bn_pack4(0x98DA,0x4836,0x1C55,0xD39A),
-	bn_pack4(C200,7CB8,A163,BF05),
+	bn_pack4(0xC200,0x7CB8,0xA163,0xBF05),
-	bn_pack4(4928,6651,ECE4,5B3D),
+	bn_pack4(0x4928,0x6651,0xECE4,0x5B3D),
-	bn_pack4(AE9F,2411,7C4B,1FE6),
+	bn_pack4(0xAE9F,0x2411,0x7C4B,0x1FE6),
-	bn_pack4(EE38,6BFB,5A89,9FA5),
+	bn_pack4(0xEE38,0x6BFB,0x5A89,0x9FA5),
-	bn_pack4(0BFF,5CB6,F406,B7ED),
+	bn_pack4(0x0BFF,0x5CB6,0xF406,0xB7ED),
-	bn_pack4(F44C,42E9,A637,ED6B),
+	bn_pack4(0xF44C,0x42E9,0xA637,0xED6B),
-	bn_pack4(E485,B576,625E,7EC6),
+	bn_pack4(0xE485,0xB576,0x625E,0x7EC6),
-	bn_pack4(4FE1,356D,6D51,C245),
+	bn_pack4(0x4FE1,0x356D,0x6D51,0xC245),
-	bn_pack4(302B,0A6D,F25F,1437),
+	bn_pack4(0x302B,0x0A6D,0xF25F,0x1437),
-	bn_pack4(EF95,19B3,CD3A,431B),
+	bn_pack4(0xEF95,0x19B3,0xCD3A,0x431B),
-	bn_pack4(514A,0879,8E34,04DD),
+	bn_pack4(0x514A,0x0879,0x8E34,0x04DD),
-	bn_pack4(020B,BEA6,3B13,9B22),
+	bn_pack4(0x020B,0xBEA6,0x3B13,0x9B22),
-	bn_pack4(2902,4E08,8A67,CC74),
+	bn_pack4(0x2902,0x4E08,0x8A67,0xCC74),
-	bn_pack4(C4C6,628B,80DC,1CD1),
+	bn_pack4(0xC4C6,0x628B,0x80DC,0x1CD1),
-	bn_pack4(C90F,DAA2,2168,C234),
+	bn_pack4(0xC90F,0xDAA2,0x2168,0xC234),
-	bn_pack4(FFFF,FFFF,FFFF,FFFF)
+	bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF)
 };
 static BIGNUM bn_group_3072 = {
 	bn_group_3072_value,
@@ -161,70 +161,70 @@ static BIGNUM bn_group_3072 = {
 };
 
 static BN_ULONG bn_group_4096_value[] = {
-	bn_pack4(FFFF,FFFF,FFFF,FFFF),
+	bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF),
-	bn_pack4(4DF4,35C9,3406,3199),
+	bn_pack4(0x4DF4,0x35C9,0x3406,0x3199),
-	bn_pack4(86FF,B7DC,90A6,C08F),
+	bn_pack4(0x86FF,0xB7DC,0x90A6,0xC08F),
-	bn_pack4(93B4,EA98,8D8F,DDC1),
+	bn_pack4(0x93B4,0xEA98,0x8D8F,0xDDC1),
-	bn_pack4(D006,9127,D5B0,5AA9),
+	bn_pack4(0xD006,0x9127,0xD5B0,0x5AA9),
-	bn_pack4(B81B,DD76,2170,481C),
+	bn_pack4(0xB81B,0xDD76,0x2170,0x481C),
-	bn_pack4(1F61,2970,CEE2,D7AF),
+	bn_pack4(0x1F61,0x2970,0xCEE2,0xD7AF),
-	bn_pack4(233B,A186,515B,E7ED),
+	bn_pack4(0x233B,0xA186,0x515B,0xE7ED),
-	bn_pack4(99B2,964F,A090,C3A2),
+	bn_pack4(0x99B2,0x964F,0xA090,0xC3A2),
-	bn_pack4(287C,5947,4E6B,C05D),
+	bn_pack4(0x287C,0x5947,0x4E6B,0xC05D),
-	bn_pack4(2E8E,FC14,1FBE,CAA6),
+	bn_pack4(0x2E8E,0xFC14,0x1FBE,0xCAA6),
-	bn_pack4(DBBB,C2DB,04DE,8EF9),
+	bn_pack4(0xDBBB,0xC2DB,0x04DE,0x8EF9),
-	bn_pack4(2583,E9CA,2AD4,4CE8),
+	bn_pack4(0x2583,0xE9CA,0x2AD4,0x4CE8),
-	bn_pack4(1A94,6834,B615,0BDA),
+	bn_pack4(0x1A94,0x6834,0xB615,0x0BDA),
-	bn_pack4(99C3,2718,6AF4,E23C),
+	bn_pack4(0x99C3,0x2718,0x6AF4,0xE23C),
-	bn_pack4(8871,9A10,BDBA,5B26),
+	bn_pack4(0x8871,0x9A10,0xBDBA,0x5B26),
-	bn_pack4(1A72,3C12,A787,E6D7),
+	bn_pack4(0x1A72,0x3C12,0xA787,0xE6D7),
-	bn_pack4(4B82,D120,A921,0801),
+	bn_pack4(0x4B82,0xD120,0xA921,0x0801),
-	bn_pack4(43DB,5BFC,E0FD,108E),
+	bn_pack4(0x43DB,0x5BFC,0xE0FD,0x108E),
-	bn_pack4(08E2,4FA0,74E5,AB31),
+	bn_pack4(0x08E2,0x4FA0,0x74E5,0xAB31),
-	bn_pack4(7709,88C0,BAD9,46E2),
+	bn_pack4(0x7709,0x88C0,0xBAD9,0x46E2),
-	bn_pack4(BBE1,1757,7A61,5D6C),
+	bn_pack4(0xBBE1,0x1757,0x7A61,0x5D6C),
-	bn_pack4(521F,2B18,177B,200C),
+	bn_pack4(0x521F,0x2B18,0x177B,0x200C),
-	bn_pack4(D876,0273,3EC8,6A64),
+	bn_pack4(0xD876,0x0273,0x3EC8,0x6A64),
-	bn_pack4(F12F,FA06,D98A,0864),
+	bn_pack4(0xF12F,0xFA06,0xD98A,0x0864),
-	bn_pack4(CEE3,D226,1AD2,EE6B),
+	bn_pack4(0xCEE3,0xD226,0x1AD2,0xEE6B),
-	bn_pack4(1E8C,94E0,4A25,619D),
+	bn_pack4(0x1E8C,0x94E0,0x4A25,0x619D),
-	bn_pack4(ABF5,AE8C,DB09,33D7),
+	bn_pack4(0xABF5,0xAE8C,0xDB09,0x33D7),
-	bn_pack4(B397,0F85,A6E1,E4C7),
+	bn_pack4(0xB397,0x0F85,0xA6E1,0xE4C7),
-	bn_pack4(8AEA,7157,5D06,0C7D),
+	bn_pack4(0x8AEA,0x7157,0x5D06,0x0C7D),
-	bn_pack4(ECFB,8504,58DB,EF0A),
+	bn_pack4(0xECFB,0x8504,0x58DB,0xEF0A),
-	bn_pack4(A855,21AB,DF1C,BA64),
+	bn_pack4(0xA855,0x21AB,0xDF1C,0xBA64),
-	bn_pack4(AD33,170D,0450,7A33),
+	bn_pack4(0xAD33,0x170D,0x0450,0x7A33),
-	bn_pack4(1572,8E5A,8AAA,C42D),
+	bn_pack4(0x1572,0x8E5A,0x8AAA,0xC42D),
-	bn_pack4(15D2,2618,98FA,0510),
+	bn_pack4(0x15D2,0x2618,0x98FA,0x0510),
-	bn_pack4(3995,497C,EA95,6AE5),
+	bn_pack4(0x3995,0x497C,0xEA95,0x6AE5),
-	bn_pack4(DE2B,CBF6,9558,1718),
+	bn_pack4(0xDE2B,0xCBF6,0x9558,0x1718),
-	bn_pack4(B5C5,5DF0,6F4C,52C9),
+	bn_pack4(0xB5C5,0x5DF0,0x6F4C,0x52C9),
-	bn_pack4(9B27,83A2,EC07,A28F),
+	bn_pack4(0x9B27,0x83A2,0xEC07,0xA28F),
-	bn_pack4(E39E,772C,180E,8603),
+	bn_pack4(0xE39E,0x772C,0x180E,0x8603),
-	bn_pack4(3290,5E46,2E36,CE3B),
+	bn_pack4(0x3290,0x5E46,0x2E36,0xCE3B),
-	bn_pack4(F174,6C08,CA18,217C),
+	bn_pack4(0xF174,0x6C08,0xCA18,0x217C),
-	bn_pack4(670C,354E,4ABC,9804),
+	bn_pack4(0x670C,0x354E,0x4ABC,0x9804),
-	bn_pack4(9ED5,2907,7096,966D),
+	bn_pack4(0x9ED5,0x2907,0x7096,0x966D),
-	bn_pack4(1C62,F356,2085,52BB),
+	bn_pack4(0x1C62,0xF356,0x2085,0x52BB),
-	bn_pack4(8365,5D23,DCA3,AD96),
+	bn_pack4(0x8365,0x5D23,0xDCA3,0xAD96),
-	bn_pack4(6916,3FA8,FD24,CF5F),
+	bn_pack4(0x6916,0x3FA8,0xFD24,0xCF5F),
-	bn_pack4(98DA,4836,1C55,D39A),
+	bn_pack4(0x98DA,0x4836,0x1C55,0xD39A),
-	bn_pack4(C200,7CB8,A163,BF05),
+	bn_pack4(0xC200,0x7CB8,0xA163,0xBF05),
-	bn_pack4(4928,6651,ECE4,5B3D),
+	bn_pack4(0x4928,0x6651,0xECE4,0x5B3D),
-	bn_pack4(AE9F,2411,7C4B,1FE6),
+	bn_pack4(0xAE9F,0x2411,0x7C4B,0x1FE6),
-	bn_pack4(EE38,6BFB,5A89,9FA5),
+	bn_pack4(0xEE38,0x6BFB,0x5A89,0x9FA5),
-	bn_pack4(0BFF,5CB6,F406,B7ED),
+	bn_pack4(0x0BFF,0x5CB6,0xF406,0xB7ED),
-	bn_pack4(F44C,42E9,A637,ED6B),
+	bn_pack4(0xF44C,0x42E9,0xA637,0xED6B),
-	bn_pack4(E485,B576,625E,7EC6),
+	bn_pack4(0xE485,0xB576,0x625E,0x7EC6),
-	bn_pack4(4FE1,356D,6D51,C245),
+	bn_pack4(0x4FE1,0x356D,0x6D51,0xC245),
-	bn_pack4(302B,0A6D,F25F,1437),
+	bn_pack4(0x302B,0x0A6D,0xF25F,0x1437),
-	bn_pack4(EF95,19B3,CD3A,431B),
+	bn_pack4(0xEF95,0x19B3,0xCD3A,0x431B),
-	bn_pack4(514A,0879,8E34,04DD),
+	bn_pack4(0x514A,0x0879,0x8E34,0x04DD),
-	bn_pack4(020B,BEA6,3B13,9B22),
+	bn_pack4(0x020B,0xBEA6,0x3B13,0x9B22),
-	bn_pack4(2902,4E08,8A67,CC74),
+	bn_pack4(0x2902,0x4E08,0x8A67,0xCC74),
-	bn_pack4(C4C6,628B,80DC,1CD1),
+	bn_pack4(0xC4C6,0x628B,0x80DC,0x1CD1),
-	bn_pack4(C90F,DAA2,2168,C234),
+	bn_pack4(0xC90F,0xDAA2,0x2168,0xC234),
-	bn_pack4(FFFF,FFFF,FFFF,FFFF)
+	bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF)
 };
 static BIGNUM bn_group_4096 = {
 	bn_group_4096_value,
@@ -235,102 +235,102 @@ static BIGNUM bn_group_4096 = {
 };
 
 static BN_ULONG bn_group_6144_value[] = {
-	bn_pack4(FFFF,FFFF,FFFF,FFFF),
+	bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF),
-	bn_pack4(E694,F91E,6DCC,4024),
+	bn_pack4(0xE694,0xF91E,0x6DCC,0x4024),
-	bn_pack4(12BF,2D5B,0B74,74D6),
+	bn_pack4(0x12BF,0x2D5B,0x0B74,0x74D6),
-	bn_pack4(043E,8F66,3F48,60EE),
+	bn_pack4(0x043E,0x8F66,0x3F48,0x60EE),
-	bn_pack4(387F,E8D7,6E3C,0468),
+	bn_pack4(0x387F,0xE8D7,0x6E3C,0x0468),
-	bn_pack4(DA56,C9EC,2EF2,9632),
+	bn_pack4(0xDA56,0xC9EC,0x2EF2,0x9632),
-	bn_pack4(EB19,CCB1,A313,D55C),
+	bn_pack4(0xEB19,0xCCB1,0xA313,0xD55C),
-	bn_pack4(F550,AA3D,8A1F,BFF0),
+	bn_pack4(0xF550,0xAA3D,0x8A1F,0xBFF0),
-	bn_pack4(06A1,D58B,B7C5,DA76),
+	bn_pack4(0x06A1,0xD58B,0xB7C5,0xDA76),
-	bn_pack4(A797,15EE,F29B,E328),
+	bn_pack4(0xA797,0x15EE,0xF29B,0xE328),
-	bn_pack4(14CC,5ED2,0F80,37E0),
+	bn_pack4(0x14CC,0x5ED2,0x0F80,0x37E0),
-	bn_pack4(CC8F,6D7E,BF48,E1D8),
+	bn_pack4(0xCC8F,0x6D7E,0xBF48,0xE1D8),
-	bn_pack4(4BD4,07B2,2B41,54AA),
+	bn_pack4(0x4BD4,0x07B2,0x2B41,0x54AA),
-	bn_pack4(0F1D,45B7,FF58,5AC5),
+	bn_pack4(0x0F1D,0x45B7,0xFF58,0x5AC5),
-	bn_pack4(23A9,7A7E,36CC,88BE),
+	bn_pack4(0x23A9,0x7A7E,0x36CC,0x88BE),
-	bn_pack4(59E7,C97F,BEC7,E8F3),
+	bn_pack4(0x59E7,0xC97F,0xBEC7,0xE8F3),
-	bn_pack4(B5A8,4031,900B,1C9E),
+	bn_pack4(0xB5A8,0x4031,0x900B,0x1C9E),
-	bn_pack4(D55E,702F,4698,0C82),
+	bn_pack4(0xD55E,0x702F,0x4698,0x0C82),
-	bn_pack4(F482,D7CE,6E74,FEF6),
+	bn_pack4(0xF482,0xD7CE,0x6E74,0xFEF6),
-	bn_pack4(F032,EA15,D172,1D03),
+	bn_pack4(0xF032,0xEA15,0xD172,0x1D03),
-	bn_pack4(5983,CA01,C64B,92EC),
+	bn_pack4(0x5983,0xCA01,0xC64B,0x92EC),
-	bn_pack4(6FB8,F401,378C,D2BF),
+	bn_pack4(0x6FB8,0xF401,0x378C,0xD2BF),
-	bn_pack4(3320,5151,2BD7,AF42),
+	bn_pack4(0x3320,0x5151,0x2BD7,0xAF42),
-	bn_pack4(DB7F,1447,E6CC,254B),
+	bn_pack4(0xDB7F,0x1447,0xE6CC,0x254B),
-	bn_pack4(44CE,6CBA,CED4,BB1B),
+	bn_pack4(0x44CE,0x6CBA,0xCED4,0xBB1B),
-	bn_pack4(DA3E,DBEB,CF9B,14ED),
+	bn_pack4(0xDA3E,0xDBEB,0xCF9B,0x14ED),
-	bn_pack4(1797,27B0,865A,8918),
+	bn_pack4(0x1797,0x27B0,0x865A,0x8918),
-	bn_pack4(B06A,53ED,9027,D831),
+	bn_pack4(0xB06A,0x53ED,0x9027,0xD831),
-	bn_pack4(E5DB,382F,4130,01AE),
+	bn_pack4(0xE5DB,0x382F,0x4130,0x01AE),
-	bn_pack4(F8FF,9406,AD9E,530E),
+	bn_pack4(0xF8FF,0x9406,0xAD9E,0x530E),
-	bn_pack4(C975,1E76,3DBA,37BD),
+	bn_pack4(0xC975,0x1E76,0x3DBA,0x37BD),
-	bn_pack4(C1D4,DCB2,6026,46DE),
+	bn_pack4(0xC1D4,0xDCB2,0x6026,0x46DE),
-	bn_pack4(36C3,FAB4,D27C,7026),
+	bn_pack4(0x36C3,0xFAB4,0xD27C,0x7026),
-	bn_pack4(4DF4,35C9,3402,8492),
+	bn_pack4(0x4DF4,0x35C9,0x3402,0x8492),
-	bn_pack4(86FF,B7DC,90A6,C08F),
+	bn_pack4(0x86FF,0xB7DC,0x90A6,0xC08F),
-	bn_pack4(93B4,EA98,8D8F,DDC1),
+	bn_pack4(0x93B4,0xEA98,0x8D8F,0xDDC1),
-	bn_pack4(D006,9127,D5B0,5AA9),
+	bn_pack4(0xD006,0x9127,0xD5B0,0x5AA9),
-	bn_pack4(B81B,DD76,2170,481C),
+	bn_pack4(0xB81B,0xDD76,0x2170,0x481C),
-	bn_pack4(1F61,2970,CEE2,D7AF),
+	bn_pack4(0x1F61,0x2970,0xCEE2,0xD7AF),
-	bn_pack4(233B,A186,515B,E7ED),
+	bn_pack4(0x233B,0xA186,0x515B,0xE7ED),
-	bn_pack4(99B2,964F,A090,C3A2),
+	bn_pack4(0x99B2,0x964F,0xA090,0xC3A2),
-	bn_pack4(287C,5947,4E6B,C05D),
+	bn_pack4(0x287C,0x5947,0x4E6B,0xC05D),
-	bn_pack4(2E8E,FC14,1FBE,CAA6),
+	bn_pack4(0x2E8E,0xFC14,0x1FBE,0xCAA6),
-	bn_pack4(DBBB,C2DB,04DE,8EF9),
+	bn_pack4(0xDBBB,0xC2DB,0x04DE,0x8EF9),
-	bn_pack4(2583,E9CA,2AD4,4CE8),
+	bn_pack4(0x2583,0xE9CA,0x2AD4,0x4CE8),
-	bn_pack4(1A94,6834,B615,0BDA),
+	bn_pack4(0x1A94,0x6834,0xB615,0x0BDA),
-	bn_pack4(99C3,2718,6AF4,E23C),
+	bn_pack4(0x99C3,0x2718,0x6AF4,0xE23C),
-	bn_pack4(8871,9A10,BDBA,5B26),
+	bn_pack4(0x8871,0x9A10,0xBDBA,0x5B26),
-	bn_pack4(1A72,3C12,A787,E6D7),
+	bn_pack4(0x1A72,0x3C12,0xA787,0xE6D7),
-	bn_pack4(4B82,D120,A921,0801),
+	bn_pack4(0x4B82,0xD120,0xA921,0x0801),
-	bn_pack4(43DB,5BFC,E0FD,108E),
+	bn_pack4(0x43DB,0x5BFC,0xE0FD,0x108E),
-	bn_pack4(08E2,4FA0,74E5,AB31),
+	bn_pack4(0x08E2,0x4FA0,0x74E5,0xAB31),
-	bn_pack4(7709,88C0,BAD9,46E2),
+	bn_pack4(0x7709,0x88C0,0xBAD9,0x46E2),
-	bn_pack4(BBE1,1757,7A61,5D6C),
+	bn_pack4(0xBBE1,0x1757,0x7A61,0x5D6C),
-	bn_pack4(521F,2B18,177B,200C),
+	bn_pack4(0x521F,0x2B18,0x177B,0x200C),
-	bn_pack4(D876,0273,3EC8,6A64),
+	bn_pack4(0xD876,0x0273,0x3EC8,0x6A64),
-	bn_pack4(F12F,FA06,D98A,0864),
+	bn_pack4(0xF12F,0xFA06,0xD98A,0x0864),
-	bn_pack4(CEE3,D226,1AD2,EE6B),
+	bn_pack4(0xCEE3,0xD226,0x1AD2,0xEE6B),
-	bn_pack4(1E8C,94E0,4A25,619D),
+	bn_pack4(0x1E8C,0x94E0,0x4A25,0x619D),
-	bn_pack4(ABF5,AE8C,DB09,33D7),
+	bn_pack4(0xABF5,0xAE8C,0xDB09,0x33D7),
-	bn_pack4(B397,0F85,A6E1,E4C7),
+	bn_pack4(0xB397,0x0F85,0xA6E1,0xE4C7),
-	bn_pack4(8AEA,7157,5D06,0C7D),
+	bn_pack4(0x8AEA,0x7157,0x5D06,0x0C7D),
-	bn_pack4(ECFB,8504,58DB,EF0A),
+	bn_pack4(0xECFB,0x8504,0x58DB,0xEF0A),
-	bn_pack4(A855,21AB,DF1C,BA64),
+	bn_pack4(0xA855,0x21AB,0xDF1C,0xBA64),
-	bn_pack4(AD33,170D,0450,7A33),
+	bn_pack4(0xAD33,0x170D,0x0450,0x7A33),
-	bn_pack4(1572,8E5A,8AAA,C42D),
+	bn_pack4(0x1572,0x8E5A,0x8AAA,0xC42D),
-	bn_pack4(15D2,2618,98FA,0510),
+	bn_pack4(0x15D2,0x2618,0x98FA,0x0510),
-	bn_pack4(3995,497C,EA95,6AE5),
+	bn_pack4(0x3995,0x497C,0xEA95,0x6AE5),
-	bn_pack4(DE2B,CBF6,9558,1718),
+	bn_pack4(0xDE2B,0xCBF6,0x9558,0x1718),
-	bn_pack4(B5C5,5DF0,6F4C,52C9),
+	bn_pack4(0xB5C5,0x5DF0,0x6F4C,0x52C9),
-	bn_pack4(9B27,83A2,EC07,A28F),
+	bn_pack4(0x9B27,0x83A2,0xEC07,0xA28F),
-	bn_pack4(E39E,772C,180E,8603),
+	bn_pack4(0xE39E,0x772C,0x180E,0x8603),
-	bn_pack4(3290,5E46,2E36,CE3B),
+	bn_pack4(0x3290,0x5E46,0x2E36,0xCE3B),
-	bn_pack4(F174,6C08,CA18,217C),
+	bn_pack4(0xF174,0x6C08,0xCA18,0x217C),
-	bn_pack4(670C,354E,4ABC,9804),
+	bn_pack4(0x670C,0x354E,0x4ABC,0x9804),
-	bn_pack4(9ED5,2907,7096,966D),
+	bn_pack4(0x9ED5,0x2907,0x7096,0x966D),
-	bn_pack4(1C62,F356,2085,52BB),
+	bn_pack4(0x1C62,0xF356,0x2085,0x52BB),
-	bn_pack4(8365,5D23,DCA3,AD96),
+	bn_pack4(0x8365,0x5D23,0xDCA3,0xAD96),
-	bn_pack4(6916,3FA8,FD24,CF5F),
+	bn_pack4(0x6916,0x3FA8,0xFD24,0xCF5F),
-	bn_pack4(98DA,4836,1C55,D39A),
+	bn_pack4(0x98DA,0x4836,0x1C55,0xD39A),
-	bn_pack4(C200,7CB8,A163,BF05),
+	bn_pack4(0xC200,0x7CB8,0xA163,0xBF05),
-	bn_pack4(4928,6651,ECE4,5B3D),
+	bn_pack4(0x4928,0x6651,0xECE4,0x5B3D),
-	bn_pack4(AE9F,2411,7C4B,1FE6),
+	bn_pack4(0xAE9F,0x2411,0x7C4B,0x1FE6),
-	bn_pack4(EE38,6BFB,5A89,9FA5),
+	bn_pack4(0xEE38,0x6BFB,0x5A89,0x9FA5),
-	bn_pack4(0BFF,5CB6,F406,B7ED),
+	bn_pack4(0x0BFF,0x5CB6,0xF406,0xB7ED),
-	bn_pack4(F44C,42E9,A637,ED6B),
+	bn_pack4(0xF44C,0x42E9,0xA637,0xED6B),
-	bn_pack4(E485,B576,625E,7EC6),
+	bn_pack4(0xE485,0xB576,0x625E,0x7EC6),
-	bn_pack4(4FE1,356D,6D51,C245),
+	bn_pack4(0x4FE1,0x356D,0x6D51,0xC245),
-	bn_pack4(302B,0A6D,F25F,1437),
+	bn_pack4(0x302B,0x0A6D,0xF25F,0x1437),
-	bn_pack4(EF95,19B3,CD3A,431B),
+	bn_pack4(0xEF95,0x19B3,0xCD3A,0x431B),
-	bn_pack4(514A,0879,8E34,04DD),
+	bn_pack4(0x514A,0x0879,0x8E34,0x04DD),
-	bn_pack4(020B,BEA6,3B13,9B22),
+	bn_pack4(0x020B,0xBEA6,0x3B13,0x9B22),
-	bn_pack4(2902,4E08,8A67,CC74),
+	bn_pack4(0x2902,0x4E08,0x8A67,0xCC74),
-	bn_pack4(C4C6,628B,80DC,1CD1),
+	bn_pack4(0xC4C6,0x628B,0x80DC,0x1CD1),
-	bn_pack4(C90F,DAA2,2168,C234),
+	bn_pack4(0xC90F,0xDAA2,0x2168,0xC234),
-	bn_pack4(FFFF,FFFF,FFFF,FFFF)
+	bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF)
 };
 static BIGNUM bn_group_6144 = {
 	bn_group_6144_value,
@@ -341,134 +341,134 @@ static BIGNUM bn_group_6144 = {
 };
 
 static BN_ULONG bn_group_8192_value[] = {
-	bn_pack4(FFFF,FFFF,FFFF,FFFF),
+	bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF),
-	bn_pack4(60C9,80DD,98ED,D3DF),
+	bn_pack4(0x60C9,0x80DD,0x98ED,0xD3DF),
-	bn_pack4(C81F,56E8,80B9,6E71),
+	bn_pack4(0xC81F,0x56E8,0x80B9,0x6E71),
-	bn_pack4(9E30,50E2,7656,94DF),
+	bn_pack4(0x9E30,0x50E2,0x7656,0x94DF),
-	bn_pack4(9558,E447,5677,E9AA),
+	bn_pack4(0x9558,0xE447,0x5677,0xE9AA),
-	bn_pack4(C919,0DA6,FC02,6E47),
+	bn_pack4(0xC919,0x0DA6,0xFC02,0x6E47),
-	bn_pack4(889A,002E,D5EE,382B),
+	bn_pack4(0x889A,0x002E,0xD5EE,0x382B),
-	bn_pack4(4009,438B,481C,6CD7),
+	bn_pack4(0x4009,0x438B,0x481C,0x6CD7),
-	bn_pack4(3590,46F4,EB87,9F92),
+	bn_pack4(0x3590,0x46F4,0xEB87,0x9F92),
-	bn_pack4(FAF3,6BC3,1ECF,A268),
+	bn_pack4(0xFAF3,0x6BC3,0x1ECF,0xA268),
-	bn_pack4(B1D5,10BD,7EE7,4D73),
+	bn_pack4(0xB1D5,0x10BD,0x7EE7,0x4D73),
-	bn_pack4(F9AB,4819,5DED,7EA1),
+	bn_pack4(0xF9AB,0x4819,0x5DED,0x7EA1),
-	bn_pack4(64F3,1CC5,0846,851D),
+	bn_pack4(0x64F3,0x1CC5,0x0846,0x851D),
-	bn_pack4(4597,E899,A025,5DC1),
+	bn_pack4(0x4597,0xE899,0xA025,0x5DC1),
-	bn_pack4(DF31,0EE0,74AB,6A36),
+	bn_pack4(0xDF31,0x0EE0,0x74AB,0x6A36),
-	bn_pack4(6D2A,13F8,3F44,F82D),
+	bn_pack4(0x6D2A,0x13F8,0x3F44,0xF82D),
-	bn_pack4(062B,3CF5,B3A2,78A6),
+	bn_pack4(0x062B,0x3CF5,0xB3A2,0x78A6),
-	bn_pack4(7968,3303,ED5B,DD3A),
+	bn_pack4(0x7968,0x3303,0xED5B,0xDD3A),
-	bn_pack4(FA9D,4B7F,A2C0,87E8),
+	bn_pack4(0xFA9D,0x4B7F,0xA2C0,0x87E8),
-	bn_pack4(4BCB,C886,2F83,85DD),
+	bn_pack4(0x4BCB,0xC886,0x2F83,0x85DD),
-	bn_pack4(3473,FC64,6CEA,306B),
+	bn_pack4(0x3473,0xFC64,0x6CEA,0x306B),
-	bn_pack4(13EB,57A8,1A23,F0C7),
+	bn_pack4(0x13EB,0x57A8,0x1A23,0xF0C7),
-	bn_pack4(2222,2E04,A403,7C07),
+	bn_pack4(0x2222,0x2E04,0xA403,0x7C07),
-	bn_pack4(E3FD,B8BE,FC84,8AD9),
+	bn_pack4(0xE3FD,0xB8BE,0xFC84,0x8AD9),
-	bn_pack4(238F,16CB,E39D,652D),
+	bn_pack4(0x238F,0x16CB,0xE39D,0x652D),
-	bn_pack4(3423,B474,2BF1,C978),
+	bn_pack4(0x3423,0xB474,0x2BF1,0xC978),
-	bn_pack4(3AAB,639C,5AE4,F568),
+	bn_pack4(0x3AAB,0x639C,0x5AE4,0xF568),
-	bn_pack4(2576,F693,6BA4,2466),
+	bn_pack4(0x2576,0xF693,0x6BA4,0x2466),
-	bn_pack4(741F,A7BF,8AFC,47ED),
+	bn_pack4(0x741F,0xA7BF,0x8AFC,0x47ED),
-	bn_pack4(3BC8,32B6,8D9D,D300),
+	bn_pack4(0x3BC8,0x32B6,0x8D9D,0xD300),
-	bn_pack4(D8BE,C4D0,73B9,31BA),
+	bn_pack4(0xD8BE,0xC4D0,0x73B9,0x31BA),
-	bn_pack4(3877,7CB6,A932,DF8C),
+	bn_pack4(0x3877,0x7CB6,0xA932,0xDF8C),
-	bn_pack4(74A3,926F,12FE,E5E4),
+	bn_pack4(0x74A3,0x926F,0x12FE,0xE5E4),
-	bn_pack4(E694,F91E,6DBE,1159),
+	bn_pack4(0xE694,0xF91E,0x6DBE,0x1159),
-	bn_pack4(12BF,2D5B,0B74,74D6),
+	bn_pack4(0x12BF,0x2D5B,0x0B74,0x74D6),
-	bn_pack4(043E,8F66,3F48,60EE),
+	bn_pack4(0x043E,0x8F66,0x3F48,0x60EE),
-	bn_pack4(387F,E8D7,6E3C,0468),
+	bn_pack4(0x387F,0xE8D7,0x6E3C,0x0468),
-	bn_pack4(DA56,C9EC,2EF2,9632),
+	bn_pack4(0xDA56,0xC9EC,0x2EF2,0x9632),
-	bn_pack4(EB19,CCB1,A313,D55C),
+	bn_pack4(0xEB19,0xCCB1,0xA313,0xD55C),
-	bn_pack4(F550,AA3D,8A1F,BFF0),
+	bn_pack4(0xF550,0xAA3D,0x8A1F,0xBFF0),
-	bn_pack4(06A1,D58B,B7C5,DA76),
+	bn_pack4(0x06A1,0xD58B,0xB7C5,0xDA76),
-	bn_pack4(A797,15EE,F29B,E328),
+	bn_pack4(0xA797,0x15EE,0xF29B,0xE328),
-	bn_pack4(14CC,5ED2,0F80,37E0),
+	bn_pack4(0x14CC,0x5ED2,0x0F80,0x37E0),
-	bn_pack4(CC8F,6D7E,BF48,E1D8),
+	bn_pack4(0xCC8F,0x6D7E,0xBF48,0xE1D8),
-	bn_pack4(4BD4,07B2,2B41,54AA),
+	bn_pack4(0x4BD4,0x07B2,0x2B41,0x54AA),
-	bn_pack4(0F1D,45B7,FF58,5AC5),
+	bn_pack4(0x0F1D,0x45B7,0xFF58,0x5AC5),
-	bn_pack4(23A9,7A7E,36CC,88BE),
+	bn_pack4(0x23A9,0x7A7E,0x36CC,0x88BE),
-	bn_pack4(59E7,C97F,BEC7,E8F3),
+	bn_pack4(0x59E7,0xC97F,0xBEC7,0xE8F3),
-	bn_pack4(B5A8,4031,900B,1C9E),
+	bn_pack4(0xB5A8,0x4031,0x900B,0x1C9E),
-	bn_pack4(D55E,702F,4698,0C82),
+	bn_pack4(0xD55E,0x702F,0x4698,0x0C82),
-	bn_pack4(F482,D7CE,6E74,FEF6),
+	bn_pack4(0xF482,0xD7CE,0x6E74,0xFEF6),
-	bn_pack4(F032,EA15,D172,1D03),
+	bn_pack4(0xF032,0xEA15,0xD172,0x1D03),
-	bn_pack4(5983,CA01,C64B,92EC),
+	bn_pack4(0x5983,0xCA01,0xC64B,0x92EC),
-	bn_pack4(6FB8,F401,378C,D2BF),
+	bn_pack4(0x6FB8,0xF401,0x378C,0xD2BF),
-	bn_pack4(3320,5151,2BD7,AF42),
+	bn_pack4(0x3320,0x5151,0x2BD7,0xAF42),
-	bn_pack4(DB7F,1447,E6CC,254B),
+	bn_pack4(0xDB7F,0x1447,0xE6CC,0x254B),
-	bn_pack4(44CE,6CBA,CED4,BB1B),
+	bn_pack4(0x44CE,0x6CBA,0xCED4,0xBB1B),
-	bn_pack4(DA3E,DBEB,CF9B,14ED),
+	bn_pack4(0xDA3E,0xDBEB,0xCF9B,0x14ED),
-	bn_pack4(1797,27B0,865A,8918),
+	bn_pack4(0x1797,0x27B0,0x865A,0x8918),
-	bn_pack4(B06A,53ED,9027,D831),
+	bn_pack4(0xB06A,0x53ED,0x9027,0xD831),
-	bn_pack4(E5DB,382F,4130,01AE),
+	bn_pack4(0xE5DB,0x382F,0x4130,0x01AE),
-	bn_pack4(F8FF,9406,AD9E,530E),
+	bn_pack4(0xF8FF,0x9406,0xAD9E,0x530E),
-	bn_pack4(C975,1E76,3DBA,37BD),
+	bn_pack4(0xC975,0x1E76,0x3DBA,0x37BD),
-	bn_pack4(C1D4,DCB2,6026,46DE),
+	bn_pack4(0xC1D4,0xDCB2,0x6026,0x46DE),
-	bn_pack4(36C3,FAB4,D27C,7026),
+	bn_pack4(0x36C3,0xFAB4,0xD27C,0x7026),
-	bn_pack4(4DF4,35C9,3402,8492),
+	bn_pack4(0x4DF4,0x35C9,0x3402,0x8492),
-	bn_pack4(86FF,B7DC,90A6,C08F),
+	bn_pack4(0x86FF,0xB7DC,0x90A6,0xC08F),
-	bn_pack4(93B4,EA98,8D8F,DDC1),
+	bn_pack4(0x93B4,0xEA98,0x8D8F,0xDDC1),
-	bn_pack4(D006,9127,D5B0,5AA9),
+	bn_pack4(0xD006,0x9127,0xD5B0,0x5AA9),
-	bn_pack4(B81B,DD76,2170,481C),
+	bn_pack4(0xB81B,0xDD76,0x2170,0x481C),
-	bn_pack4(1F61,2970,CEE2,D7AF),
+	bn_pack4(0x1F61,0x2970,0xCEE2,0xD7AF),
-	bn_pack4(233B,A186,515B,E7ED),
+	bn_pack4(0x233B,0xA186,0x515B,0xE7ED),
-	bn_pack4(99B2,964F,A090,C3A2),
+	bn_pack4(0x99B2,0x964F,0xA090,0xC3A2),
-	bn_pack4(287C,5947,4E6B,C05D),
+	bn_pack4(0x287C,0x5947,0x4E6B,0xC05D),
-	bn_pack4(2E8E,FC14,1FBE,CAA6),
+	bn_pack4(0x2E8E,0xFC14,0x1FBE,0xCAA6),
-	bn_pack4(DBBB,C2DB,04DE,8EF9),
+	bn_pack4(0xDBBB,0xC2DB,0x04DE,0x8EF9),
-	bn_pack4(2583,E9CA,2AD4,4CE8),
+	bn_pack4(0x2583,0xE9CA,0x2AD4,0x4CE8),
-	bn_pack4(1A94,6834,B615,0BDA),
+	bn_pack4(0x1A94,0x6834,0xB615,0x0BDA),
-	bn_pack4(99C3,2718,6AF4,E23C),
+	bn_pack4(0x99C3,0x2718,0x6AF4,0xE23C),
-	bn_pack4(8871,9A10,BDBA,5B26),
+	bn_pack4(0x8871,0x9A10,0xBDBA,0x5B26),
-	bn_pack4(1A72,3C12,A787,E6D7),
+	bn_pack4(0x1A72,0x3C12,0xA787,0xE6D7),
-	bn_pack4(4B82,D120,A921,0801),
+	bn_pack4(0x4B82,0xD120,0xA921,0x0801),
-	bn_pack4(43DB,5BFC,E0FD,108E),
+	bn_pack4(0x43DB,0x5BFC,0xE0FD,0x108E),
-	bn_pack4(08E2,4FA0,74E5,AB31),
+	bn_pack4(0x08E2,0x4FA0,0x74E5,0xAB31),
-	bn_pack4(7709,88C0,BAD9,46E2),
+	bn_pack4(0x7709,0x88C0,0xBAD9,0x46E2),
-	bn_pack4(BBE1,1757,7A61,5D6C),
+	bn_pack4(0xBBE1,0x1757,0x7A61,0x5D6C),
-	bn_pack4(521F,2B18,177B,200C),
+	bn_pack4(0x521F,0x2B18,0x177B,0x200C),
-	bn_pack4(D876,0273,3EC8,6A64),
+	bn_pack4(0xD876,0x0273,0x3EC8,0x6A64),
-	bn_pack4(F12F,FA06,D98A,0864),
+	bn_pack4(0xF12F,0xFA06,0xD98A,0x0864),
-	bn_pack4(CEE3,D226,1AD2,EE6B),
+	bn_pack4(0xCEE3,0xD226,0x1AD2,0xEE6B),
-	bn_pack4(1E8C,94E0,4A25,619D),
+	bn_pack4(0x1E8C,0x94E0,0x4A25,0x619D),
-	bn_pack4(ABF5,AE8C,DB09,33D7),
+	bn_pack4(0xABF5,0xAE8C,0xDB09,0x33D7),
-	bn_pack4(B397,0F85,A6E1,E4C7),
+	bn_pack4(0xB397,0x0F85,0xA6E1,0xE4C7),
-	bn_pack4(8AEA,7157,5D06,0C7D),
+	bn_pack4(0x8AEA,0x7157,0x5D06,0x0C7D),
-	bn_pack4(ECFB,8504,58DB,EF0A),
+	bn_pack4(0xECFB,0x8504,0x58DB,0xEF0A),
-	bn_pack4(A855,21AB,DF1C,BA64),
+	bn_pack4(0xA855,0x21AB,0xDF1C,0xBA64),
-	bn_pack4(AD33,170D,0450,7A33),
+	bn_pack4(0xAD33,0x170D,0x0450,0x7A33),
-	bn_pack4(1572,8E5A,8AAA,C42D),
+	bn_pack4(0x1572,0x8E5A,0x8AAA,0xC42D),
-	bn_pack4(15D2,2618,98FA,0510),
+	bn_pack4(0x15D2,0x2618,0x98FA,0x0510),
-	bn_pack4(3995,497C,EA95,6AE5),
+	bn_pack4(0x3995,0x497C,0xEA95,0x6AE5),
-	bn_pack4(DE2B,CBF6,9558,1718),
+	bn_pack4(0xDE2B,0xCBF6,0x9558,0x1718),
-	bn_pack4(B5C5,5DF0,6F4C,52C9),
+	bn_pack4(0xB5C5,0x5DF0,0x6F4C,0x52C9),
-	bn_pack4(9B27,83A2,EC07,A28F),
+	bn_pack4(0x9B27,0x83A2,0xEC07,0xA28F),
-	bn_pack4(E39E,772C,180E,8603),
+	bn_pack4(0xE39E,0x772C,0x180E,0x8603),
-	bn_pack4(3290,5E46,2E36,CE3B),
+	bn_pack4(0x3290,0x5E46,0x2E36,0xCE3B),
-	bn_pack4(F174,6C08,CA18,217C),
+	bn_pack4(0xF174,0x6C08,0xCA18,0x217C),
-	bn_pack4(670C,354E,4ABC,9804),
+	bn_pack4(0x670C,0x354E,0x4ABC,0x9804),
-	bn_pack4(9ED5,2907,7096,966D),
+	bn_pack4(0x9ED5,0x2907,0x7096,0x966D),
-	bn_pack4(1C62,F356,2085,52BB),
+	bn_pack4(0x1C62,0xF356,0x2085,0x52BB),
-	bn_pack4(8365,5D23,DCA3,AD96),
+	bn_pack4(0x8365,0x5D23,0xDCA3,0xAD96),
-	bn_pack4(6916,3FA8,FD24,CF5F),
+	bn_pack4(0x6916,0x3FA8,0xFD24,0xCF5F),
-	bn_pack4(98DA,4836,1C55,D39A),
+	bn_pack4(0x98DA,0x4836,0x1C55,0xD39A),
-	bn_pack4(C200,7CB8,A163,BF05),
+	bn_pack4(0xC200,0x7CB8,0xA163,0xBF05),
-	bn_pack4(4928,6651,ECE4,5B3D),
+	bn_pack4(0x4928,0x6651,0xECE4,0x5B3D),
-	bn_pack4(AE9F,2411,7C4B,1FE6),
+	bn_pack4(0xAE9F,0x2411,0x7C4B,0x1FE6),
-	bn_pack4(EE38,6BFB,5A89,9FA5),
+	bn_pack4(0xEE38,0x6BFB,0x5A89,0x9FA5),
-	bn_pack4(0BFF,5CB6,F406,B7ED),
+	bn_pack4(0x0BFF,0x5CB6,0xF406,0xB7ED),
-	bn_pack4(F44C,42E9,A637,ED6B),
+	bn_pack4(0xF44C,0x42E9,0xA637,0xED6B),
-	bn_pack4(E485,B576,625E,7EC6),
+	bn_pack4(0xE485,0xB576,0x625E,0x7EC6),
-	bn_pack4(4FE1,356D,6D51,C245),
+	bn_pack4(0x4FE1,0x356D,0x6D51,0xC245),
-	bn_pack4(302B,0A6D,F25F,1437),
+	bn_pack4(0x302B,0x0A6D,0xF25F,0x1437),
-	bn_pack4(EF95,19B3,CD3A,431B),
+	bn_pack4(0xEF95,0x19B3,0xCD3A,0x431B),
-	bn_pack4(514A,0879,8E34,04DD),
+	bn_pack4(0x514A,0x0879,0x8E34,0x04DD),
-	bn_pack4(020B,BEA6,3B13,9B22),
+	bn_pack4(0x020B,0xBEA6,0x3B13,0x9B22),
-	bn_pack4(2902,4E08,8A67,CC74),
+	bn_pack4(0x2902,0x4E08,0x8A67,0xCC74),
-	bn_pack4(C4C6,628B,80DC,1CD1),
+	bn_pack4(0xC4C6,0x628B,0x80DC,0x1CD1),
-	bn_pack4(C90F,DAA2,2168,C234),
+	bn_pack4(0xC90F,0xDAA2,0x2168,0xC234),
-	bn_pack4(FFFF,FFFF,FFFF,FFFF)
+	bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF)
 };
 static BIGNUM bn_group_8192 = {
 	bn_group_8192_value,

deps/openssl/openssl/crypto/srp/srp_lib.c

@@ -63,13 +63,17 @@
 #include <openssl/evp.h>
 
 #if (BN_BYTES == 8)
-#define bn_pack4(a1,a2,a3,a4) 0x##a1##a2##a3##a4##ul
+# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
-#endif
+#  define bn_pack4(a1,a2,a3,a4) ((a1##UI64<<48)|(a2##UI64<<32)|(a3##UI64<<16)|a4##UI64)
-#if (BN_BYTES == 4)
+# elif defined(__arch64__)
-#define bn_pack4(a1,a2,a3,a4)  0x##a3##a4##ul, 0x##a1##a2##ul
+#  define bn_pack4(a1,a2,a3,a4) ((a1##UL<<48)|(a2##UL<<32)|(a3##UL<<16)|a4##UL)
-#endif
+# else
-#if (BN_BYTES == 2)
+#  define bn_pack4(a1,a2,a3,a4) ((a1##ULL<<48)|(a2##ULL<<32)|(a3##ULL<<16)|a4##ULL)
-#define bn_pack4(a1,a2,a3,a4) 0x##a4##u,0x##a3##u,0x##a2##u,0x##a1##u
+# endif
+#elif (BN_BYTES == 4)
+# define bn_pack4(a1,a2,a3,a4)  ((a3##UL<<16)|a4##UL), ((a1##UL<<16)|a2##UL)
+#else
+# error "unsupported BN_BYTES"
 #endif
 
 

deps/openssl/openssl/crypto/x509/x509_vfy.c

@@ -694,6 +694,7 @@ static int check_cert(X509_STORE_CTX *ctx)
 	X509_CRL *crl = NULL, *dcrl = NULL;
 	X509 *x;
 	int ok, cnum;
+	unsigned int last_reasons;
 	cnum = ctx->error_depth;
 	x = sk_X509_value(ctx->chain, cnum);
 	ctx->current_cert = x;
@@ -702,6 +703,7 @@ static int check_cert(X509_STORE_CTX *ctx)
 	ctx->current_reasons = 0;
 	while (ctx->current_reasons != CRLDP_ALL_REASONS)
 		{
+		last_reasons = ctx->current_reasons;
 		/* Try to retrieve relevant CRL */
 		if (ctx->get_crl)
 			ok = ctx->get_crl(ctx, &crl, x);
@@ -745,6 +747,15 @@ static int check_cert(X509_STORE_CTX *ctx)
 		X509_CRL_free(dcrl);
 		crl = NULL;
 		dcrl = NULL;
+		/* If reasons not updated we wont get anywhere by
+		 * another iteration, so exit loop.
+		 */
+		if (last_reasons == ctx->current_reasons)
+			{
+			ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
+			ok = ctx->verify_cb(0, ctx);
+			goto err;
+			}
 		}
 	err:
 	X509_CRL_free(crl);

deps/openssl/openssl/crypto/x509/x_all.c

@@ -97,6 +97,7 @@ int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
 
 int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx)
 	{
+	x->cert_info->enc.modified = 1;
 	return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CINF),
 		x->cert_info->signature,
 		x->sig_alg, x->signature, x->cert_info, ctx);
@@ -123,6 +124,7 @@ int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
 
 int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx)
 	{
+	x->crl->enc.modified = 1;
 	return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CRL_INFO),
 		x->crl->sig_alg, x->sig_alg, x->signature, x->crl, ctx);
 	}

deps/openssl/openssl/crypto/x86cpuid.pl

@@ -67,6 +67,7 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
 	&inc	("esi");		# number of cores
 
 	&mov	("eax",1);
+	&xor	("ecx","ecx");
 	&cpuid	();
 	&bt	("edx",28);
 	&jnc	(&label("generic"));
@@ -91,6 +92,7 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
 
 &set_label("nocacheinfo");
 	&mov	("eax",1);
+	&xor	("ecx","ecx");
 	&cpuid	();
 	&and	("edx",0xbfefffff);	# force reserved bits #20, #30 to 0
 	&cmp	("ebp",0);